jedi-academy/codemp/qcommon
Jonathan Gray 832b4342a8 CVE-2006-2236 Buffer overflow in the Quake 3 Engine
CVE-2006-2236
Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60,
(2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b
allows remote attackers to execute arbitrary commands via a long
remapShader command.

from Thilo Schulz in ioquake3
svn 765 git d21411452ef32b86c0b79ddcaf49221701dcdb07

Add string length checking to function COM_StripExtension. This fixes
the R_RemapShader buffer overflow exploit that can be found here:
http://milw0rm.com/exploits/1750
2013-05-07 22:18:45 +10:00
chash.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_draw.cpp USHORT -> unsigned short 2013-04-25 23:51:54 +10:00
cm_draw.h fix #includes to compile on non windows without pch 2013-04-25 23:51:46 +10:00
cm_landscape.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_load.cpp stricmp -> Q_stricmp 2013-04-25 23:51:55 +10:00
cm_load_xbox.cpp stricmp -> Q_stricmp 2013-04-25 23:51:55 +10:00
cm_local.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_patch.cpp set some possibly uninitialised vars to zero 2013-05-02 13:47:51 +10:00
cm_patch.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_patch_xbox.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_polylib.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_polylib.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_public.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_randomterrain.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_randomterrain.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_shader.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_terrain.cpp stricmp -> Q_stricmp 2013-04-25 23:51:55 +10:00
cm_terrainmap.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_terrainmap.h remove surplus tokens after preprocessor directives 2013-05-02 13:47:50 +10:00
cm_test.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cm_trace.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cmd_common.cpp add Cmd_TokenizeStringIgnoreQuotes modelled after ioquake3 2013-05-07 22:18:44 +10:00
cmd_console.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
cmd_pc.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
CNetProfile.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
common.cpp match the rest of the code and have OutputDebugString under _DEBUG 2013-04-26 22:27:12 +10:00
cvar.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
disablewarnings.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
exe_headers.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
exe_headers.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
files.cpp Fixed some qboolean type confusion 2013-05-07 22:18:44 +10:00
files.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
files_common.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
files_console.cpp stricmp -> Q_stricmp 2013-04-25 23:51:55 +10:00
files_pc.cpp const fixes 2013-05-02 13:47:51 +10:00
fixedmap.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
game_version.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
GenericParser2.cpp stricmp -> Q_stricmp 2013-04-25 23:51:55 +10:00
GenericParser2.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
hstring.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
hstring.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
huffman.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
INetProfile.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
md4.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
MiniHeap.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
msg.cpp remove surplus tokens after preprocessor directives 2013-05-02 13:47:50 +10:00
net_chan.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
platform.h replace some #elif __linux__ with #else 2013-04-25 12:46:05 +10:00
q_math.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
q_shared.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
qcommon.h add Cmd_TokenizeStringIgnoreQuotes modelled after ioquake3 2013-05-07 22:18:44 +10:00
qfiles.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
RoffSystem.cpp CVE-2006-2236 Buffer overflow in the Quake 3 Engine 2013-05-07 22:18:45 +10:00
RoffSystem.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
sparc.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
sstring.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
stringed_ingame.cpp const fixes 2013-05-02 13:47:51 +10:00
stringed_ingame.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
stringed_interface.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
stringed_interface.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
tags.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
timing.h provide a gcc style alternative to the inline asm in timing.h 2013-04-25 23:51:54 +10:00
unzip.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
unzip.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
vm.cpp CVE-2006-2236 Buffer overflow in the Quake 3 Engine 2013-05-07 22:18:45 +10:00
vm_console.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
vm_interpreted.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
vm_local.h ditch dos style newlines 2013-04-23 15:21:39 +10:00
vm_ppc.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
vm_x86.cpp callMask needs to be externally visible 2013-04-26 22:27:21 +10:00
z_memman_console.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00
z_memman_pc.cpp ditch dos style newlines 2013-04-23 15:21:39 +10:00