From 68264e7288c4db5b5797d806bab7df8dc22a8d17 Mon Sep 17 00:00:00 2001 From: Refrag Date: Wed, 15 May 2024 20:03:04 +0200 Subject: [PATCH] Fix buffer overflow when setting a NETVAR string CVar There was a possible buffer overflow if you tried setting a console var that had the CV_NETVAR and that was of the string type. The overflow would happen if you were trying to set the console variable while in a multiplayer / netgame state. This commit just increases the size of buf to account for everything that needs to be written to it. --- src/command.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/command.c b/src/command.c index a46cc98bc..7947048ed 100644 --- a/src/command.c +++ b/src/command.c @@ -1992,7 +1992,7 @@ static void CV_SetCVar(consvar_t *var, const char *value, boolean stealth) if (var->flags & CV_NETVAR) { // send the value of the variable - UINT8 buf[128]; + UINT8 buf[512]; UINT8 *p = buf; // Loading from a config in a netgame? Set revert value.