* (bug 3412) %s expansion security patch (DevHC)

Tim Angus 2008-01-22 23:44:10 +00:00
parent 9cc4e0c976
commit 59c231c6c6
7 changed files with 12 additions and 12 deletions


@ -62,7 +62,7 @@ void QDECL AAS_Error(char *fmt, ...)
va_start(arglist, fmt);
vsprintf(str, fmt, arglist);
va_end(arglist);
botimport.Print(PRT_FATAL, str);
botimport.Print(PRT_FATAL, "%s", str);
} //end of the function AAS_Error
//===========================================================================
//
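Review bot: The `vsprintf(str, fmt, arglist)` call two lines above the changed line still formats into `str` with no length limit, so a long expanded message can overrun the buffer even though the format-string expansion is now fixed. Assuming `str` is a fixed-size local array (its declaration is outside the hunk), bound the write with `vsnprintf(str, sizeof(str), fmt, arglist);` or the project's own bounded wrapper. AAS_Error starts above the hunk.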


@ -1428,6 +1428,6 @@ void PS_SetBaseFolder(char *path)
#ifdef BSPC
sprintf(basefolder, path);
#else
Com_sprintf(basefolder, sizeof(basefolder), path);
Com_sprintf(basefolder, sizeof(basefolder), "%s", path);
#endif
} //end of the function PS_SetBaseFolder
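Review bot: The `#ifdef BSPC` branch still calls `sprintf(basefolder, path);`, so builds with BSPC defined keep both the format expansion of `path` and an unbounded copy into `basefolder`. Change that line to `snprintf(basefolder, sizeof(basefolder), "%s", path);` so both branches behave the same; `sizeof(basefolder)` is already relied on in the `#else` branch. PS_SetBaseFolder starts above the hunk.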


@ -296,9 +296,9 @@ rescan:
// https://zerowing.idsoftware.com/bugzilla/show_bug.cgi?id=552
// allow server to indicate why they were disconnected
if ( argc >= 2 )
Com_Error (ERR_SERVERDISCONNECT, va( "Server Disconnected - %s", Cmd_Argv( 1 ) ) );
Com_Error( ERR_SERVERDISCONNECT, "Server disconnected - %s", Cmd_Argv( 1 ) );
else
Com_Error (ERR_SERVERDISCONNECT,"Server disconnected\n");
Com_Error( ERR_SERVERDISCONNECT, "Server disconnected\n" );
}
if ( !strcmp( cmd, "bcs0" ) ) {
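Review bot: Nothing in these calls stops a later change from passing a non-literal string as Com_Error's format again, and the text from `Cmd_Argv( 1 )` here is the reason string sent by the server. If the Com_Error prototype (not visible on this page) is not already annotated, adding `__attribute__((format(printf, 2, 3)))` for GCC builds lets `-Wformat-security` flag that class of call at compile time. The same annotation, with the argument positions adjusted, would cover the other variadic printers touched in this commit (Com_Printf, NET_OutOfBandPrint, BotAI_Print).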


@ -452,7 +452,7 @@ void CL_DemoCompleted( void )
time / (float)clc.timeDemoFrames,
clc.timeDemoMaxDuration,
CL_DemoFrameDurationSDev( ) );
Com_Printf( buffer );
Com_Printf( "%s", buffer );
// Write a log of all the frame durations
if( cl_timedemoLog && strlen( cl_timedemoLog->string ) > 0 )
@ -1045,7 +1045,7 @@ void CL_RequestAuthorization( void ) {
fs = Cvar_Get ("cl_anonymous", "0", CVAR_INIT|CVAR_SYSTEMINFO );
NET_OutOfBandPrint(NS_CLIENT, cls.authorizeServer, va("getKeyAuthorize %i %s", fs->integer, nums) );
NET_OutOfBandPrint(NS_CLIENT, cls.authorizeServer, "getKeyAuthorize %i %s", fs->integer, nums );
}
/*
@ -3293,7 +3293,7 @@ void CL_GlobalServers_f( void ) {
for (i=3; i<count; i++)
buffptr += sprintf( buffptr, " %s", Cmd_Argv(i) );
NET_OutOfBandPrint( NS_SERVER, to, command );
NET_OutOfBandPrint( NS_SERVER, to, "%s", command );
}
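Review bot: In the CL_GlobalServers_f hunk the loop `buffptr += sprintf( buffptr, " %s", Cmd_Argv(i) );` appends every remaining argument to `command` without checking the space left, so the added `"%s"` fixes the format expansion but not a possible overrun from a long command line. Assuming `command` is a fixed-size char array (its declaration is outside the hunk), each append should be limited to the remaining space and the loop should stop at the first argument that does not fit. The function starts above the hunk, and `snprintf` below can be replaced by the project's bounded equivalent if one is preferred.
```c
	for (i=3; i<count; i++) {
		// space remaining in command, including the terminator
		size_t left = sizeof( command ) - ( buffptr - command );
		int n = snprintf( buffptr, left, " %s", Cmd_Argv(i) );

		if ( n < 0 || (size_t)n >= left ) {
			*buffptr = '\0';	// drop the argument that did not fit
			break;
		}
		buffptr += n;
	}

	NET_OutOfBandPrint( NS_SERVER, to, "%s", command );
```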


@ -554,7 +554,7 @@ void CL_ParseDownload ( msg_t *msg ) {
if (clc.downloadSize < 0)
{
Com_Error(ERR_DROP, MSG_ReadString( msg ) );
Com_Error( ERR_DROP, "%s", MSG_ReadString( msg ) );
return;
}
}
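Review bot: The string passed to Com_Error here is read straight from the network message, and nothing at the call site records that. A one-line comment above the call, such as `// error text is supplied by the server: pass it as an argument, never as the format`, would explain why the `"%s"` has to stay. CL_ParseDownload starts above the hunk.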


@ -85,7 +85,7 @@ void BotDumpNodeSwitches(bot_state_t *bs) {
ClientName(bs->client, netname, sizeof(netname));
BotAI_Print(PRT_MESSAGE, "%s at %1.1f switched more than %d AI nodes\n", netname, FloatTime(), MAX_NODESWITCHES);
for (i = 0; i < numnodeswitches; i++) {
BotAI_Print(PRT_MESSAGE, nodeswitch[i]);
BotAI_Print(PRT_MESSAGE, "%s", nodeswitch[i]);
}
BotAI_Print(PRT_FATAL, "");
}
@ -102,7 +102,7 @@ void BotRecordNodeSwitch(bot_state_t *bs, char *node, char *str, char *s) {
Com_sprintf(nodeswitch[numnodeswitches], 144, "%s at %2.1f entered %s: %s from %s\n", netname, FloatTime(), node, str, s);
#ifdef DEBUG
if (0) {
BotAI_Print(PRT_MESSAGE, nodeswitch[numnodeswitches]);
BotAI_Print(PRT_MESSAGE, "%s", nodeswitch[numnodeswitches]);
}
#endif //DEBUG
numnodeswitches++;
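Review bot: In BotRecordNodeSwitch the buffer size is passed to Com_sprintf as the literal `144`, which has to be kept in step by hand with the declaration of `nodeswitch` (outside the hunk). Assuming `nodeswitch` is a two-dimensional char array, `Com_sprintf(nodeswitch[numnodeswitches], sizeof(nodeswitch[numnodeswitches]), ...)` ties the bound to the array, as the UI code in this commit already does for `uiInfo.q3HeadNames`. The check that keeps `numnodeswitches` inside the array before `numnodeswitches++` is not visible in the hunk and is worth confirming.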


@ -4991,7 +4991,7 @@ static void UI_BuildQ3Model_List( void )
if (Q_stricmpn(skinname, "icon_", 5) == 0 && !(Q_stricmp(skinname,"icon_blue") == 0 || Q_stricmp(skinname,"icon_red") == 0))
{
if (Q_stricmp(skinname, "icon_default") == 0) {
Com_sprintf( scratch, sizeof(scratch), dirptr);
Com_sprintf( scratch, sizeof(scratch), "%s", dirptr);
} else {
Com_sprintf( scratch, sizeof(scratch), "%s/%s",dirptr, skinname + 5);
}
@ -5003,7 +5003,7 @@ static void UI_BuildQ3Model_List( void )
}
}
if (!dirty) {
Com_sprintf( uiInfo.q3HeadNames[uiInfo.q3HeadCount], sizeof(uiInfo.q3HeadNames[uiInfo.q3HeadCount]), scratch);
Com_sprintf( uiInfo.q3HeadNames[uiInfo.q3HeadCount], sizeof(uiInfo.q3HeadNames[uiInfo.q3HeadCount]), "%s", scratch);
uiInfo.q3HeadIcons[uiInfo.q3HeadCount++] = trap_R_RegisterShaderNoMip(va("models/players/%s/%s",dirptr,skinname));
}
}
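Review bot: Both changed calls use Com_sprintf with `"%s"` only to copy a single string, which works but hides a plain copy behind a format call. A bounded copy such as `Q_strncpyz( scratch, dirptr, sizeof(scratch) );`, and the same form for `uiInfo.q3HeadNames[uiInfo.q3HeadCount]`, states the intent directly and leaves no format argument to get wrong later. The limit that keeps `uiInfo.q3HeadCount` inside the array before the `++` is outside the hunk.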