From 9af85d93787feb76f8cb971105ef6732c3221c35 Mon Sep 17 00:00:00 2001
From: Thilo Schulz
Date: Thu, 1 Jun 2006 00:23:46 +0000
Subject: [PATCH] Forgot to check for windows-style path seperator in precaution against directory traversal abuse.
---
 code/client/cl_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/code/client/cl_main.c b/code/client/cl_main.c
index da5d116f..12b102de 100644
--- a/code/client/cl_main.c
+++ b/code/client/cl_main.c
@@ -1445,7 +1445,7 @@ void CL_NextDownload(void) {
 s = localName + strlen(localName); // point at the nul byte
 // Make sure the server cannot make us write to non-quake3 directories.
- if(strstr(localName, "../"))
+ if(strstr(localName, "../") || strstr(localName, "..\\"))
 {
 Com_Error(ERR_DROP, "CL_NextDownload: Invalid download name %s", localName);
 return;
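Review bot: The guard on `localName` in CL_NextDownload is still a deny-list of two exact substrings, so a server-supplied name that is an absolute path (leading `/` or `\`) or contains a drive or stream colon passes this check unchanged. Whether such a name can end up outside the game directory depends on how the filesystem layer joins it to the base path, which is not visible in this hunk, so this should be confirmed against the write path. I would reject anything that is not a plain relative name, for example `if(strstr(localName, "..") || localName[0] == '/' || localName[0] == '\\' || strchr(localName, ':'))`, and extend the comment to say that the name is server-controlled and must stay relative to the game directory. The function body starts and ends outside the hunk.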