qf/quakeforge
0
0
Fork 0
mirror of https://git.code.sf.net/p/quake/quakeforge synced 2025-01-18 06:51:47 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix an exploitable overflow (owwie)

Browse source
This commit is contained in:
Bill Currie 2003-07-17 22:14:50 +00:00
parent 1f948c4206
commit 0234988c46
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
qw/source/cl_parse.c
View file

@ -986,11 +986,12 @@ CL_ParseClientdata (void)
static void
CL_ProcessUserInfo (int slot, player_info_t *player)
{
char skin[512];
char *skin;
const char *s;
s = Info_ValueForKey (player->userinfo, "skin");
QFS_StripExtension (s, skin); // FIXME: buffer overflow
skin = alloca (strlen (s) + 1);
QFS_StripExtension (s, skin);
if (!strequal (s, skin))
Info_SetValueForKey (player->userinfo, "skin", skin, 1);
strncpy (player->name, Info_ValueForKey (player->userinfo, "name"),