Commit graph

2755 commits

Author SHA1 Message Date
Zack Middleton
d861a4f427 Load OpenGL ES 2.0 function procs
Load functions procs supported by OpenGL ES 2.0, though there is not a
compatible renderer yet. Change argument for GLimp_Init from coreContext
to fixedFunction.
2018-07-20 23:40:21 -05:00
Zack Middleton
7391215bd4 Don't load non-core GL functions for OpenGL 3.2 core context
Also declare the GL functions in tr_local.h so there is compile error
for non-core GL functions instead of SEGFAULT from dereferencing a NULL
pointer.

Disable the non-functional stencil shadow code that hasn't been updated
to use OpenGL 3.2 core compatible drawing.
2018-07-20 23:40:17 -05:00
Zack Middleton
255c33b367 OpenGL1: Use RE_UploadCinematic() instead of duplicate code
Already done in opengl2 renderer.
2018-07-20 23:40:12 -05:00
Zack Middleton
476134f5a6 Don't upload 8 bit grayscale images as 16 bit luminance
Using more color bits than the source image provides shouldn't improve
the quality.
2018-07-20 23:40:07 -05:00
Zack Middleton
bead4aa8c7 Fix renderer not clearing some GL extension variables at vid_restart
If renderer is compiled into client (USE_RENDERER_DLOPEN=0) and after
start up set r_allowExtension to 0 and run vid_restart, some extension
were still used.
2018-07-20 23:40:02 -05:00
Zack Middleton
c74b9a4452 Remove unused renderer_buffer variable 2018-07-20 23:39:54 -05:00
Zack Middleton
809a7765b2 Make testgun command without argument disable test gun model 2018-06-24 22:22:25 -05:00
Zack Middleton
38a2f4d938 Fix in_restart causing fatal error while video is shutdown
Connecting to a server running a different fs_game and using a
autoexec.cfg containing in_restart would hit a fatal error in IN_Init().

    IN_Init called before SDL_Init( SDL_INIT_VIDEO )

Reported by smokey2k on the ioquake3 forum.
2018-06-10 15:13:10 -05:00
Zack Middleton
ce1d5406d5 Require OpenGL 1.2 for GL_CLAMP_TO_EDGE 2018-05-28 17:20:27 -05:00
Zack Middleton
77de5019b9 Don't create multiple windows when GL context creation fails 2018-05-28 17:07:38 -05:00
Zack Middleton
4fa93fbfd4 Fix client kicked as unpure when missing the latest cgame/ui pk3s
In 2013 ioquake3 stopped referencing the pk3 file that qagame.qvm was
loaded from. This had the unintended side affect of causing
non-dedicated pure servers to no longer reference a pk3 that only
contains the three QVM files.

Non-dedicated pure servers did not reference the pk3 containing the
latest cgame.qvm so if client did not have the pk3 file they were kicked
as unpure instead of the client trying to download the pk3 file.

Also make server touch ui.qvm since it's required to pass pure check and
may be separate from cgame.qvm.
2018-05-22 14:43:11 -05:00
SmileTheory
c0c45d325d OpenGL2: Readd r_deluxeSpecular.
https://github.com/ioquake/ioq3/issues/369
2018-05-14 18:30:59 -07:00
Zack Middleton
60a3112e45 Fix console offset while Team Arena voiceMenu is open
Fix console text being on top of the Tema Arena voice chat head in
screen resolutions higher than 640x480.
2018-05-14 00:22:58 -05:00
Simon McVittie
5909b9a1cf Isolate the Altivec code so non-Altivec PPC targets can use the same binary.
Moved all the code using Altivec intrinsics to separate files. This 
means we can optionally use GCC's -maltivec on just these files, which
are chosen at runtime if the CPU supports Altivec, and compile the rest
without it, making a single binary that has Altivec optimizations but
can still work on G3.

Unlike SSE and similar extensions on x86, there does not seem to be
a way to enable conditional, targeted use of Altivec based on runtime
detection (which is what ioquake3 wants to do) without also giving the
compiler permission to use Altivec in code generation; so to not crash
on CPUs that do not implement Altivec, we'll have to turn it off
altogether, except in translation units that are only entered when
runtime Altivec detection is successful.

This has been tested on Linux PPC (on an Altivec-enabled CPU),
but we may need further work after testing trickles out to other
PowerPC devices and ancient Mac OS X builds.

I did a little work on this patch, but the majority of the effort belongs 
to Simon McVittie (thanks!).
2018-05-12 14:14:47 -04:00
Zack Middleton
2326a060b9 Don't allow SDL audio capture using pulseaudio
When you start recording using SDL pulseaudio driver the client sends
all audio captured while not recording. 240 milliseconds of audio is
sent each frame until the capture buffer is empty. This is a problem for
privacy and causes confusing to debug VoIP playback issues on other
clients connected to server and when playing back demos.
2018-05-12 04:20:58 -05:00
Zack Middleton
42d2fb908c OpenGL2: Fix parsing specularScale in shaders
Fix specularScale <metallic> <smoothness> with r_pbr 1 which has been
broken since r_pbr was implemented in 2016.

Fix specularScale <r> <g> <b> <gloss> setting b to gloss and leaving
gloss as 0 since it was implemented in 2014.
2018-05-11 23:18:39 -05:00
Zack Middleton
10abac8fa0 Fix duplicate bots displayed in Team Arena ingame add bot menu
The key handler allowed going 2 beyond the end of the bot list and the
display function clamped to 0 causing the first bot to be shown 3 times.

Attempting to add the bot in gametypes < GT_TEAM would fallback to
Sarge in UI_GetBotNameByNumber() (who isn't the first bot) and gametypes
>= GT_TEAM would access characterList past known values (typically NULL
but if teaminfo.txt contained 63 characters it would access out of
bounds memory).
2018-05-06 01:47:49 -05:00
Zack Middleton
da861ff3a2 Fix not closing description.txt and fix path seperator
0 length description.txt files were not closed.
2018-05-03 16:13:19 -05:00
Zack Middleton
51743bbb01 Improvements for dedicated camera followers (team follow1/2)
Switching to dedicated camera follower with no possible players to
follow would spawn at the intermission point and display "connection
interrupted" HUD message. Pmove() was not run for the client so
ps.commandTime was too far behind. I made it so that dedicated camera
followers and scoreboard run Pmove() but cannot move (PM_FREEZE).

When all players possible to follow leave, the dedicated camera follower
would continue to display the old player state of the player they were
following (along with "connection interrupted" HUD message). Unlike the
regular case of a spectator following a specific player, dedicated
camera followers did not reset their player state to the intermission
point after the followed player was no longer valid.

Now a client can be set as 'team follow1' to automatically switch
between displaying the intermission point and following a player when
possible.
2018-05-01 21:25:14 -05:00
Zack Middleton
f3f29e9670 Make s_useOpenAL be CVAR_LATCH
After changing s_useOpenAL the sound needs to be restarted (snd_restart)
for it to take affect.
2018-05-01 16:18:44 -05:00
Zack Middleton
45f8512f8e Fix clearing keys for control in Team Arena UI
When a control is selected for binding a key, pressing backspace would
clear the displayed keys in the menu but not actually unbind the keys.
2018-04-26 11:47:11 -05:00
IR4T4
9b2df26024 Fix array index in CanDamage() function - discovered by MARTY
The wrong array element was accessed. However the correct element is the
same value so fixing it does not affect gameplay.
2018-04-26 11:31:07 -05:00
Zack Middleton
7ad05ccf2d Make UI_DrawProportionalString handle NULL string
This makes the function consistent with UI_DrawString.
2018-04-26 11:22:55 -05:00
Zack Middleton
05758d52f4 Remove unnecessary NULL pointer check in Cmd_RemoveCommand 2018-04-26 11:22:55 -05:00
Zack Middleton
a82a99f68d Fix uninitialized bot_goal_t fields 2018-04-26 11:22:55 -05:00
Zack Middleton
e9e11f1605 Fix possible bot goal state NULL pointer dereference 2018-04-26 11:22:55 -05:00
Zack Middleton
9a0ee67e04 Make macOS Universal Bundle target 10.6 for x86 and x86_64
SDL 2.0.5 dropped support for macOS 10.5 so target 10.6 instead. The
PPC build uses SDL 2.0.1 so it still targets 10.5. macOS 10.5 (x86,
x86_64) should automatically run the PPC build using Rosetta.

Revert MAN-AT-ARMS' change to SDL 2.0.8 SDL_platform.h that allowed
targeting macOS 10.5 for the sake of PPC. It also incorrectly allowed
x86 and x86_64 to target 10.5 as well. (Also macOS PPC uses separate
headers now.)
2018-04-26 11:21:36 -05:00
Zack Middleton
92935df37b Enable SDL audio capture for SDL 2.0.5 and newer
The version check is required for supporting macOS PPC with SDL 2.0.1
and Travis-CI (Ubuntu Trusty) with SDL 2.0.2.

The client now requires SDL 2.0.5 runtime if compiled against SDL 2.0.5
or newer.
2018-04-26 11:21:36 -05:00
Zack Middleton
45af2594a0 Add SDL 2.0.1 headers for macOS PPC
code/libs/macosx/libSDL2-2.0.0.dylib has 2.0.8 for x86 and x86_64 and
2.0.1 for PPC. Add 2.0.1 headers for PPC with modifed SDL_platform.h to
allow compiling using macOS 10.5 SDK. Using separate headers allows the
engine to check the SDL version for enabling newer SDL features.
2018-04-26 11:21:36 -05:00
MAN-AT-ARMS
5bf60a9504 Update SDL2 to 2.0.8 2018-04-26 11:21:36 -05:00
Ryan C. Gordon
8bd2c79109 Disable SDL audio capture until prebuilt SDL libraries are updated to 2.0.8. 2018-04-14 00:56:36 -04:00
Ryan C. Gordon
78c70d0afc Use the SDL2 audio device interface instead of the legacy 1.2 API.
This is a little bit of future-proofing, but also gives us a little more
flexibility in general; now we can add in the cvars to open a specific
device, etc, that the OpenAL codepath does.
2018-04-13 22:47:29 -04:00
Ryan C. Gordon
69f92daf08 Added audio capture support to SDL backend.
This lets you speak through VoIP when not using OpenAL. Previously you could
listen but not speak.
2018-04-13 22:38:17 -04:00
Ryan C. Gordon
2f62394174 There's no need to SDL_PauseAudio(1) before calling SDL_CloseAudio(). 2018-04-13 21:32:51 -04:00
Ryan C. Gordon
62acfb3348 sdl_snd.c should just initialize SDL audio without checking SDL_WasInit().
In SDL2, the initialized subsystems are referenced counted, so it's safe to
initialize them twice, and it makes the SDL_QuitSubSystem during our shutdown
correctly decrement the count. Before (as a probably-harmless bug), it would
not increment the refcount if the subsystem was already initialized, causing
problems when it decremented it later.
2018-04-13 21:30:26 -04:00
Ryan C. Gordon
4f8c7c2f2f Support SDL audio devices that require float32 samples.
Fixes missing audio when playing on Windows with SDL 2.0.7, which started
using WASAPI, which demands floating point audio.
2018-04-13 14:05:12 -04:00
Zack Middleton
3377f9981a Fix map list in Team Arena start server menu after entering SP menu
In September 2017 I moved loading arenas.txt/*.arena files from entering
start server menu to at startup to fix running out of memory in Team Arena
UI after opening the start server menu several times.

However, Team Arena completely replaces the uiInfo.mapList array when
switching between single player and start server menus. So after my
change, entering single player and then entering start server would only
display single player maps. It caused SP endofgame menu to use MP map
list for replay/next map since arenas were loaded after gameinfo.txt.

Continue loading arena info at start up to avoid reallocating arena info
but move setting up uiInfo.mapList to when entering the start server
menu.
2018-04-12 01:04:54 -05:00
Zack Middleton
dfb49e78b5 Make setting r_stencilbits more consistent in Team Arena UI
I changed Color Depth options 'Default' to reset r_stencilbits instead
of 0 and '32 bit' to use r_stencilbits 8 instead of not changing the
value. (This matches my q3_ui changes in the previous commit.)

Set r_stencilbits when changing graphics presets like when changing
Color Depth.
2018-04-11 02:07:27 -05:00
Zack Middleton
61404e25c4 Restore setting r_colorbits in q3_ui
In 2007 in ioquake3 unified-sdl branch (revision 1144) setting
r_colorbits in q3_ui was removed but the Color Depth menu option was
still kept. Setting r_colorbits was not removed from the Team Arena UI.

In 2011 I removed the Color Depth menu option from q3_ui as it did not
change any cvars. Yesterday I restored the option not realizing this
and thinking that requesting 16-bit color depth worked.

Add setting r_colorbits back to q3_ui so Color Depth menu option works
again. I changed Color Depth options 'Default' to reset r_stencilbits
instead of 0 and '32 bit' to use r_stencilbits 8 instead of not changing
the value.

However I discovered r_colorbits 16 does not actually work on my system
(Debian Jessie x86_64 nvidia). ioquake3 was reporting the requested
value instead of the actual obtained value. Fixed in my previous commit.
2018-04-11 02:05:55 -05:00
Zack Middleton
7e9b92de12 Fix displayed color/depth/stencil bits values
The values passed to SDL are just the minimum required. Get actually
values of colorbits, depthbits, and stencilbits from SDL instead of
assuming that the engine got exactly what it asked for.
2018-04-11 01:26:00 -05:00
Zack Middleton
43602a7eb8 Revert "Removed "Color Depth" from q3_ui system settings, it didn't control anything."
The r_colorbits cvar still exists and gfxinfo reports it works on
Debian Jessie in both git master and building the commit where I
removed r_colorbits from q3_ui. So it does indeed control something.
Maybe I expected 16-bit color to look different? I don't know.

This reverts my commit 8e689739f4
from August 11 2011.
2018-04-09 16:31:32 -05:00
Zack Middleton
3ad427c68d Fix q3history buffer not cleared between mods and OOB-access
Loading a 1024-byte q3history file will fill the whole consoleSaveBuffer
leaving no space for a string terminator. Com_Parse will read at least
one byte beyond the end of consoleSaveBuffer. The written console
history file can only be 1023 bytes (enforced by Q_strcat) so don't
allow loading size of 1024.

If switching to a mod with a shorter q3history file, the data in
consoleSaveBuffer that isn't overwritten will be parsed. So always
add a string terminator.

String not terminated reported by David "devnexen" CARLIER.
2018-04-09 02:20:49 -05:00
Zack Middleton
699cbed7c7 Fix mouse grab after toggling fullscreen
cls.glconfig.isFullscreen was not updated when changing r_fullscreen
without a vid_restart. Starting in fullscreen and switching to
windowed mode would not release the mouse.

Mods calling trap_GetGlconfig() after a fullscreen toggle now get
the correct value for isFullscreen. (Note: Mods already got the
correct value at start up and after vid_restart.)

Reported by Mickaël "mickael9" Thomas.
2018-04-09 00:05:43 -05:00
Mickaël Thomas
e986384fde Maximize cURL buffer size
Allows higher download throughput (from ~2 MB/s to ~60 MB/s at 120FPS)

This has no effect for curl versions older than 7.53.0 (for which the
buffer can only be shrunk below 16k)
2018-04-08 22:40:37 -05:00
IR4T4
63e59a4591 Fix the behaviour of CVAR_LATCH|CVAR_CHEAT cvars
Fix the output/behaviour of CVAR_CHEAT flagged cvars in case they are
also of type CVAR_LATCH (avoid the early latch case return to make it
work as intended).
2018-04-08 22:08:04 -05:00
Dominic Fandrey
b8ee77cecc Avoid srcList[-1] in snd_openal.c 2018-04-08 21:41:31 -05:00
Dominic Fandrey
a740ba47dd OpenGL1: Decay float[8] to float * in tr_marks.c 2018-04-08 21:41:31 -05:00
Dominic Fandrey
bf4c7a0341 Add missing address operator in cm_polylib.c
Also avoid nullptr dereference.
2018-04-08 21:41:31 -05:00
Dominic Fandrey
3a702ded65 Fix signed bit operations in MSG_ReadBits 2018-04-08 21:41:31 -05:00
Dominic Fandrey
62cec249d7 Fix shift into sign in cl_cin.c 2018-04-08 21:41:31 -05:00
Zack Middleton
ae9edd1491 Fix shifting bits out of byte in tr_font.c
Found using LLVM sanitizer. Reported by Dominic "lonkamikaze" Fandrey.
2018-04-08 21:41:31 -05:00
Dominic Fandrey
a494edeb94 Fix undefined behaviour due to shifting signed in snd_mem.c 2018-04-08 21:41:26 -05:00
Zack Middleton
4ea0eebfe5 Fix nullptr dereference in front of nullptr check in FS_CheckPak0
Found using LLVM sanitizer. Reported by Dominic "lonkamikaze" Fandrey
and David "devnexen" CARLIER.
2018-04-08 20:56:08 -05:00
Eugene C
9f294ce520 Fix MSG_Read*String*() functions not being able to read last byte from message
This is exact root of q3msgboom bug http://aluigi.altervista.org/adv/q3msgboom-adv.txt
Unfortunately, server still need this ugly '1022 char limit' hack to support unfixed clients in some degree.
And as it affects MSG_ReadBigString() - unfixed clients can still be crashed by 8191-chars long configstrings that comes with gamestate
2018-04-03 22:36:24 -05:00
Zack Middleton
3bf48877f3 Fix "Going to CS_ZOMBIE for [clientname]" developer message
Client name was cleared before printing the message resulting in
a blank name.
2018-04-03 21:37:59 -05:00
Zack Middleton
b61e2998f3 Fix exploit to reset player by sending wrong serverId
If client sends wrong serverId but is already active in the world
(CS_ACTIVE) don't resend initial gamestate for the map. This isn't a
valid situation. The player should be CS_CONNECTED or CS_PRIMED.

Resending gamestate to an active player will cause them to respawn
without dying or disconnecting. If the player had a CTF flag it gets
lost until the map is changed or restarted.

Reported by Ensiform at:

    https://bugzilla.icculus.org/show_bug.cgi?id=6324
2018-04-03 21:37:15 -05:00
Zack Middleton
484149573b Allow loading system OpenAL library on macOS again
In May 2017 the library loading was limited to *.dylib but the macOS
system OpenAL framework does not have dylib extension. So allow loading
files from /System/Library/Frameworks/ as libraries even without dylib
extension.

This is checked in Sys_DllExtension() so that QVM filesystem access will
not allow writing files to /System/Library/Frameworks/ even if homepath
is changed to include it. (Admittedly it doesn't fit the function name
but fits the function description and current usage.)
2018-03-22 14:58:44 -05:00
Zack Middleton
acef71af5e Rename (already updated) opusfile-0.8 to opusfile-0.9 2018-03-16 13:29:20 -05:00
Zack Middleton
58a315fe3f Update opusfile from 0.8 to 0.9 2018-03-16 13:29:20 -05:00
Zack Middleton
8611eb421d Rename (already updated) opus-1.1.4 to opus-1.2.1 2018-03-16 13:29:19 -05:00
Zack Middleton
cb24c59567 Update opus from 1.1.4 to 1.2.1 2018-03-16 13:29:19 -05:00
Zack Middleton
c38c823a2a Rename (already updated) libvorbis-1.3.5 to libvorbis-1.3.6 2018-03-16 13:29:19 -05:00
Zack Middleton
b78c6e61bf Update libvorbis from 1.3.5 to 1.3.6
* Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
* Fix CVE-2017-14632 - free() on unitialized data
* Fix CVE-2017-14633 - out-of-bounds read
2018-03-16 13:29:02 -05:00
Zack Middleton
ebd3d516ac Rename (already updated) libogg-1.3.2 to libogg-1.3.3 2018-03-16 13:11:27 -05:00
Zack Middleton
2e7900c1aa Update libogg from 1.3.2 to 1.3.3 2018-03-16 13:11:27 -05:00
Tom Murphy
af6b1f8edf Remove CON_FlushIn function and where STDIN needs flushing, use tcflush POSIX function 2018-03-14 21:43:56 +00:00
Zack Middleton
b48d902672 OpenGL1: Use glGenTextures instead of hardcoded values
It's the proper way to use the OpenGL API. It's already done in the
OpenGL2 renderer.
2018-03-13 09:17:23 -05:00
Zack Middleton
0d6edd227a Support Unicode characters greater than 0xFF in cl_consoleKeys
Unrelated: make '0x' value be -1 (invalid) instead of 0.

Reported by MAN-AT-ARMS.
2018-02-22 18:15:53 -06:00
Zack Middleton
00c3480938 OpenGL2: Fix crash when BSP has deluxe maps and vertex lit surfaces
Reported by Mickaël Thomas (mickael9).
2018-02-18 13:05:27 -06:00
Zack Middleton
d1f82ed567 Increase q3_ui .arena filename list buffer size to 4096 bytes
Allow listing about 273 .arena filenames for loading in q3_ui instead
of only about 136 that fit in a 2048 byte buffer (average 15 bytes per
file name).

The buffer for filename list runs out of space long before the buffer
for arena file content does. There is no warning for file list out of
space but there is a warning for arena file content.

This was requested by a user with many maps.
2018-02-11 15:54:05 -06:00
Thomas Köppe
3f29b8558d [qcommon] Make several zone variables and functions static. 2018-02-07 09:13:27 -06:00
Thomas Köppe
d047210aca [qcommon] Remove dead serialization code 2018-02-05 10:37:46 -06:00
Zack Middleton
71a9a5efa6 Make FS_InvalidGameDir() consider subdirectories invalid
fs_game shouldn't be a subdirectory and it simplifies the code.
2018-02-04 20:34:48 -06:00
Zack Middleton
3d6aa05694 OpenGL2: Fix dark lightmap on shader in mpteam6
Team Arena's mpteam6 map has a shader textures/base_wall2/space_concrete
that contains an opaque stage, two non-lightmap blendfunc filter stages,
a blendfunc add stage, and a lightmap stage. The lightmap was attached
to all four of the non-lightmap stages causing the filter stages to
darken the lightmap multiple times.

Change setting up the lightall GLSL shader to only use lightmap if it's
the first stage or not a blendfunc filter stage. Now only the opaque
and blendfunc add stages of the mpteam6 shader use the lightmap.

Reported by Alexander Nadeau (wareya).
2018-02-04 14:34:17 -06:00
Zack Middleton
0b6d97f849 Fix negative frag/capturelimit causing an infinite map end loop
Reported by @vloup.
2018-02-04 10:37:39 -06:00
Zack Middleton
fc16ac6bd2 Fix invalid access to cluster 0 in AAS_AreaRouteToGoalArea()
Newer versions of BSPC such as 2.1h included with the Quake 3 GPL source
code create AAS files containing areas in cluster 0 if the area has no
reachabilities.

The AAS files included with Quake 3 and Team Arena do not contain areas
in cluster 0. It's apparent that BSPC would not create them. Instead it
created clusters with no reachability areas.

It seems the intention was to check if the areanum and goalareanum have
reachable areas using AAS_AreaReachability(areanum) everywhere before
calling AAS_AreaRouteToGoalArea(). This prevents adding cluster 0 to
the routing cache and portal cache. However, it is not checked
everywhere and including some places in the Game VM.

Fix AAS_AreaRouteToGoalArea() instead of trying to wack-a-mole with all
the places that call it.

Cluster 0 access reported by Thomas Köppe (github @tkoeppe) as causing
crashes in rare cases.
2018-02-04 09:07:44 -06:00
Zack Middleton
0822772ea2 Fix timelimit causing an infinite map ending loop
A negative timelimit value or a value that would overflow the
multiplication by 60000 caused an endless map change/reload.

Based on patch and description by @vloup.
2018-02-04 09:00:08 -06:00
Zack Middleton
83119a990a Fix Q_vsnprintf for mingw-w64
By default mingw-w64 uses Microsoft's broken _vsnprintf() in msvcrt.dll.
It can be overriden by defining __USE_MINGW_ANSI_STDIO but let's just
use the same behavior for both MSVC and mingw-w64.

Reported by @birdstakes.
2018-02-04 08:04:13 -06:00
Zack Middleton
df8f657f09 Fix exploit to bypass filename restrictions on Windows
Windows API ignores all trailing spaces and periods which can get around
Quake 3 file system restrictions. QVM opening 'uix86.dll.' actually
opens 'uix86.dll' which allows QVM to write native code.

This is done in the low-level Sys_FOpen() instead of the function
directly used by VMs ( FS_FOpenFileByMode() ) in case there are engine
commands now or in the future that can read or write arbitrary files.

Reported by Noah Metzger (Chomenor).
2018-01-30 07:59:25 -06:00
Zack Middleton
738465d677 Revert my recent cvar latch changes
My cvar latch system changes prevent the Game VM from changing
g_gametype when the value is out of range due to it being registed in
the engine. It's been pointed out as fragile method of security, which
was still exploitable, by Noah Metzger (Chomenor). It doesn't seem like
this is working out to be a good solution.

The issue of fs_game '..' on server being relicated on client via
systeminfo exploit is still fixed as it's not affected by latch.
There are a few cases from current values of fs_game are used which
ideally should use fs_gamedir char array which has been validated.

Revert "Don't let VMs change engine latch cvars immediately"
Partially revert "Fix fs_game '..' reading outside of home and base path"
Revert "Fix VMs forcing engine latch cvar to update to latched value"
2018-01-21 22:45:46 -06:00
Zack Middleton
ed8d48cac3 Fix VMs forcing engine latch cvar to update to latched value
A few commits ago I stopped VM's Cvar_Set() from instantly updating
latched values. Now VM can't call Cvar_Register() afterword to force
latched value to be used.

Reported by Noah Metzger (Chomenor).
2018-01-21 19:49:16 -06:00
Zack Middleton
3638f69dff Fix fs_game '..' reading outside of home and base path
VMs could set fs_game to '..' at anytime to access files outside of home
and base path. fs_game sent by server to clients could also be '..' to
access files outside of home and base path.

'..' was not caught by FS_CheckDirTraversal() as it expects filenames
not a single directory.

I've made fs_game be latched to prevent VMs from changing it with no
good way to validate it before it's used. com_basegame and fs_basegame
are now latched as well.

Additionally, it's now possible to change com_basegame while the engine
is running. game_restart or vid_restart will make it take affect.
com_homepath is now CVAR_PROTECTED to prevent VMs from changing it
to a directory traversal.

This requires my two previous commits for preventing VMs from changing
engine latch cvars and only Cvar_Get fs_game in FS_Startup (so CVAR_INIT
isn't added in serveral other places).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:28 -06:00
Zack Middleton
78ca670d4f Don't let VMs change engine latch cvars immediately
If a VM increases sv_maxclients while a server is running the engine
will crash. The value should be latched until engine decides to update
the cvar; the same as when a user sets it.
2018-01-21 06:02:08 -06:00
Zack Middleton
adef4e6c9e Don't register fs_game cvar everywhere just to get the value 2018-01-21 06:02:08 -06:00
Zack Middleton
3a6af1bc48 Fix VMs being able to change CVAR_PROTECTED cvars
VM could use Cvar_Register to set a protected cvar as user created and
was then able to use Cvar_Register with CVAR_ROM to change the value.

Don't allow Cvar_Register to affect protected cvars and prevent VMs
from adding internal flags to any cvars (creator, modified, protected,
nonexistent).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:08 -06:00
Thomas Köppe
917bca4f7d Use standard offsetof facility. Dereferencing a null pointer results
in undefined behaviour.
2018-01-21 06:01:50 -06:00
Thomas Köppe
ed1794fe17 Change shift expressions to unsigned types. Shifting signed values to
a result that is not representable has undefined behaviour.
2018-01-21 06:01:50 -06:00
Zack Middleton
7e2aa2c627 Remove extra plus sign from Huff_Compress()
There was an extra plus sign in Huff_Compress(). It wasn't causing any
issues as it does not affect the generated code. Removing it makes the
source code the same as Huff_Decompress().

The odd source code was brought to my attention by Tobias Kuehnhammer.
2018-01-14 18:38:38 -06:00
Zack Middleton
22fcd82965 Make FS_BuildOSPath for botlib.log consistent with typical usage
I don't think anywhere else uses "" to mean current game directory.
Though it's only an issue for my fork where I removed that behavior.
2017-12-23 17:01:08 -06:00
Eugene C
f3bdd6f022 Don't allow qagame module to create "botlib.log" at ANY filesystem location 2017-12-23 16:41:13 -06:00
David CARLIER
c904f6d4aa fix a few potential buffer overwrite in Game VM 2017-12-16 12:51:34 -06:00
David CARLIER
76ec9fb6bd Few LCC memory fixes. 2017-12-15 18:08:23 -06:00
Zack Middleton
7c2dd01873 OpenGL2: Restore adding fixed ambient light when HDR is enabled
Use opengl1 renderer behavior of adding fixed amount of ambient light
to all models regardless of HDR setting. It fixes the view weapon
having zero ambient light on pillcity map.
2017-12-15 17:46:51 -06:00
Zack Middleton
bad8c3ba4e Fix GCC 6 misleading-indentation warning 2017-12-03 05:51:40 -06:00
Zack Middleton
424e1ac7b1 Fix invalid model frame developer warnings in Team Arena
Models for Team Arena's holdable medkit and invulnerability effects use
the frames numbers from the player's torso but the actual models only
have one frame (0).
2017-11-22 20:21:02 -06:00
Zack Middleton
d40b047f13 Correct spelling of two more words
Thanks Undeference for pointing out abreviations.
2017-11-22 20:17:21 -06:00
Edward Betts
fe42b8653d Correct spelling mistakes. 2017-11-22 01:40:20 -06:00
Zack Middleton
3e1599ac4b Fix my previous commit about -1 ammo 2017-11-10 21:09:23 -06:00
Zack Middleton
4af2c91fbf Fix -1 (unlimited) ammo decreasing ammo time remaining
Gauntlet and Grappling Hook use -1 ammo. Gauntlet is excluded from
the check ammo loop but Grappling Hook causes ammo time remaining
to decrease 200 milliseconds.

The out of ammo check tests time remaining is equal to zero. This
means carrying Grappling Hook and out of ammo will have negative
time remaining which results in the low ammo message being displayed
instead of out of ammo.
2017-11-10 20:33:07 -06:00
Zack Middleton
471ea9e564 Fix Team Arena server refresh time format
Make minute less than 10 have a leading 0. Change '7:1' to '7:01'.
2017-11-10 20:06:04 -06:00