mirror of
https://github.com/ioquake/jedi-academy.git
synced 2024-11-22 04:11:57 +00:00
CVE-2005-0983 Fixed q3msgboom
CVE-2005-0983 Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. Luigi Auriemma q3msgboom from Tim Angus in ioquake svn 95 git 33a48a0336865a9d21983e4836920cd9f3401101 Fixed q3msgboom from http://www.quakesrc.org/forums/viewtopic.php?t=5374
This commit is contained in:
parent
14f42588a8
commit
983705084a
1 changed files with 8 additions and 0 deletions
|
@ -160,6 +160,14 @@ void QDECL SV_SendServerCommand(client_t *cl, const char *fmt, ...) {
|
||||||
vsprintf ((char *)message, fmt,argptr);
|
vsprintf ((char *)message, fmt,argptr);
|
||||||
va_end (argptr);
|
va_end (argptr);
|
||||||
|
|
||||||
|
// Fix to http://aluigi.altervista.org/adv/q3msgboom-adv.txt
|
||||||
|
// The actual cause of the bug is probably further downstream
|
||||||
|
// and should maybe be addressed later, but this certainly
|
||||||
|
// fixes the problem for now
|
||||||
|
if ( strlen ((char *)message) > 1022 ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if ( cl != NULL ) {
|
if ( cl != NULL ) {
|
||||||
SV_AddServerCommand( cl, (char *)message );
|
SV_AddServerCommand( cl, (char *)message );
|
||||||
return;
|
return;
|
||||||
|
|
Loading…
Reference in a new issue