qf/quakeforge
0
0
Fork 0
mirror of https://git.code.sf.net/p/quake/quakeforge synced 2025-03-21 18:01:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

close a small security hole where a malicious challenge could potentially

Browse source 
wreak havoc with info strings.
This commit is contained in:
Bill Currie 2002-07-03 18:29:36 +00:00
parent b81f77803c
commit 73b68e788e
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
qw/source/cl_main.c
View file

@ -986,6 +986,11 @@ CL_ConnectionlessPacket (void)
if (c == S2C_CHALLENGE) {
Con_Printf ("challenge");
if (cls.state >= ca_connected) {
if (!cls.demoplayback)
Con_Printf ("\nDup challenge received. Ignored.\n");
return;
}
s = MSG_ReadString (net_message);
cls.challenge = atoi (s);