Commit graph

690 commits

Author SHA1 Message Date
IR4T4
63e59a4591 Fix the behaviour of CVAR_LATCH|CVAR_CHEAT cvars
Fix the output/behaviour of CVAR_CHEAT flagged cvars in case they are
also of type CVAR_LATCH (avoid the early latch case return to make it
work as intended).
2018-04-08 22:08:04 -05:00
Dominic Fandrey
bf4c7a0341 Add missing address operator in cm_polylib.c
Also avoid nullptr dereference.
2018-04-08 21:41:31 -05:00
Dominic Fandrey
3a702ded65 Fix signed bit operations in MSG_ReadBits 2018-04-08 21:41:31 -05:00
Zack Middleton
4ea0eebfe5 Fix nullptr dereference in front of nullptr check in FS_CheckPak0
Found using LLVM sanitizer. Reported by Dominic "lonkamikaze" Fandrey
and David "devnexen" CARLIER.
2018-04-08 20:56:08 -05:00
Eugene C
9f294ce520 Fix MSG_Read*String*() functions not being able to read last byte from message
This is exact root of q3msgboom bug http://aluigi.altervista.org/adv/q3msgboom-adv.txt
Unfortunately, server still need this ugly '1022 char limit' hack to support unfixed clients in some degree.
And as it affects MSG_ReadBigString() - unfixed clients can still be crashed by 8191-chars long configstrings that comes with gamestate
2018-04-03 22:36:24 -05:00
Zack Middleton
0d6edd227a Support Unicode characters greater than 0xFF in cl_consoleKeys
Unrelated: make '0x' value be -1 (invalid) instead of 0.

Reported by MAN-AT-ARMS.
2018-02-22 18:15:53 -06:00
Thomas Köppe
3f29b8558d [qcommon] Make several zone variables and functions static. 2018-02-07 09:13:27 -06:00
Thomas Köppe
d047210aca [qcommon] Remove dead serialization code 2018-02-05 10:37:46 -06:00
Zack Middleton
71a9a5efa6 Make FS_InvalidGameDir() consider subdirectories invalid
fs_game shouldn't be a subdirectory and it simplifies the code.
2018-02-04 20:34:48 -06:00
Zack Middleton
83119a990a Fix Q_vsnprintf for mingw-w64
By default mingw-w64 uses Microsoft's broken _vsnprintf() in msvcrt.dll.
It can be overriden by defining __USE_MINGW_ANSI_STDIO but let's just
use the same behavior for both MSVC and mingw-w64.

Reported by @birdstakes.
2018-02-04 08:04:13 -06:00
Zack Middleton
738465d677 Revert my recent cvar latch changes
My cvar latch system changes prevent the Game VM from changing
g_gametype when the value is out of range due to it being registed in
the engine. It's been pointed out as fragile method of security, which
was still exploitable, by Noah Metzger (Chomenor). It doesn't seem like
this is working out to be a good solution.

The issue of fs_game '..' on server being relicated on client via
systeminfo exploit is still fixed as it's not affected by latch.
There are a few cases from current values of fs_game are used which
ideally should use fs_gamedir char array which has been validated.

Revert "Don't let VMs change engine latch cvars immediately"
Partially revert "Fix fs_game '..' reading outside of home and base path"
Revert "Fix VMs forcing engine latch cvar to update to latched value"
2018-01-21 22:45:46 -06:00
Zack Middleton
ed8d48cac3 Fix VMs forcing engine latch cvar to update to latched value
A few commits ago I stopped VM's Cvar_Set() from instantly updating
latched values. Now VM can't call Cvar_Register() afterword to force
latched value to be used.

Reported by Noah Metzger (Chomenor).
2018-01-21 19:49:16 -06:00
Zack Middleton
3638f69dff Fix fs_game '..' reading outside of home and base path
VMs could set fs_game to '..' at anytime to access files outside of home
and base path. fs_game sent by server to clients could also be '..' to
access files outside of home and base path.

'..' was not caught by FS_CheckDirTraversal() as it expects filenames
not a single directory.

I've made fs_game be latched to prevent VMs from changing it with no
good way to validate it before it's used. com_basegame and fs_basegame
are now latched as well.

Additionally, it's now possible to change com_basegame while the engine
is running. game_restart or vid_restart will make it take affect.
com_homepath is now CVAR_PROTECTED to prevent VMs from changing it
to a directory traversal.

This requires my two previous commits for preventing VMs from changing
engine latch cvars and only Cvar_Get fs_game in FS_Startup (so CVAR_INIT
isn't added in serveral other places).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:28 -06:00
Zack Middleton
78ca670d4f Don't let VMs change engine latch cvars immediately
If a VM increases sv_maxclients while a server is running the engine
will crash. The value should be latched until engine decides to update
the cvar; the same as when a user sets it.
2018-01-21 06:02:08 -06:00
Zack Middleton
adef4e6c9e Don't register fs_game cvar everywhere just to get the value 2018-01-21 06:02:08 -06:00
Zack Middleton
3a6af1bc48 Fix VMs being able to change CVAR_PROTECTED cvars
VM could use Cvar_Register to set a protected cvar as user created and
was then able to use Cvar_Register with CVAR_ROM to change the value.

Don't allow Cvar_Register to affect protected cvars and prevent VMs
from adding internal flags to any cvars (creator, modified, protected,
nonexistent).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:08 -06:00
Thomas Köppe
917bca4f7d Use standard offsetof facility. Dereferencing a null pointer results
in undefined behaviour.
2018-01-21 06:01:50 -06:00
Thomas Köppe
ed1794fe17 Change shift expressions to unsigned types. Shifting signed values to
a result that is not representable has undefined behaviour.
2018-01-21 06:01:50 -06:00
Zack Middleton
7e2aa2c627 Remove extra plus sign from Huff_Compress()
There was an extra plus sign in Huff_Compress(). It wasn't causing any
issues as it does not affect the generated code. Removing it makes the
source code the same as Huff_Decompress().

The odd source code was brought to my attention by Tobias Kuehnhammer.
2018-01-14 18:38:38 -06:00
Edward Betts
fe42b8653d Correct spelling mistakes. 2017-11-22 01:40:20 -06:00
Thomas Köppe
b3223dcfcb [qcommon] Use unsigned types where wrapping arithmetic is intended
The use of signed types in these expressions lead to overflow, hence undefined behaviour. The "sum" aggregator in Com_TouchMemory isn't even used (and presumbably just exists to inhibit optimizations from removing the memory access).
2017-10-02 19:46:37 -05:00
Zack Middleton
ead54782d0 Improve client input responsiveness
Move sampling input to the other side of framerate limiter.

Thanks to Alexander "wareya" Nadeau and Juraj "youurayy" Vitko for
pointing this out.
2017-08-21 21:40:54 -05:00
Zack Middleton
be1c71d363 Combine mouse movement events in event queue
Fixes 'Com_QueueEvent: overflow' spam after hitch / map load.

Based on patch by @ec-.
2017-08-21 20:12:26 -05:00
Zack Middleton
d2b1d124d4 Fix/improve buffer overflow in MSG_ReadBits/MSG_WriteBits
Prevent reading past end of message in MSG_ReadBits. If read past
end of msg->data buffer (16348 bytes) the engine could SEGFAULT.
Make MSG_WriteBits use an exact buffer overflow check instead of
possibly failing with a few bytes left.
2017-08-02 14:55:22 -05:00
Zack Middleton
7c252066a3 Fix set-but-not-used variable warnings in vm_armv7l.c
offsidx and const_value were set but not used.
2017-07-08 16:48:23 -05:00
Zack Middleton
dfce71929a Add con_autochat and con_autoclear cvars 2017-06-08 15:46:19 -05:00
Eugene C
c259e7cba3 Fix comment 2017-05-25 09:44:18 +01:00
ec-
566fb0edfc Allow unaligned load/store in QVM interpreter/x86 compiler
constructions like (dataMask & ~3) was used to protect against out-of-bound load/store when address is 4-byte closer to dataMask
 but at the same time it effectively cut low address bits for ALL load/store operations which is totally wrong in terms of conformance to ALLOWED (i.e. generated by q3lcc from C sources) low-level operations like packed binary data parsing
2017-05-25 09:44:18 +01:00
Zack Middleton
2c225a5a2b Merge pull request #199 from UniQP/typos
Fix some typos in comments
2017-05-24 13:41:15 -05:00
Zack Middleton
66365a3a85 Merge pull request #198 from UniQP/deadvariable
Remove dead variables
2017-05-24 13:40:53 -05:00
Zack Middleton
351e8f84d2 Merge pull request #270 from mickael9/unused-warning
Don't include (mission)pak_checksums in standalone build
2017-05-24 12:26:55 -05:00
Zack Middleton
05858d30e8 Don't load libraries with non-standard file extensions
Also don't allow writting files ending in a library extension such
as ".so.0" or ".dylib.0".
2017-05-24 10:28:46 -05:00
Max Crofts
af69d1148f Improve FS_GetModList
- Paths to search for mods are now specified in an array

- Mods can now consist solely of ".pk3dir" folders and still be
considered valid

- The function now has a consistent style
2017-04-12 17:49:50 +10:00
Max Crofts
7ff610db35 Detect GOG install path 2017-04-07 16:26:26 +10:00
SmileTheory
de3339ebcd Fill in filename in Com_WriteConfig_f() before checking extension.
Thanks BartoCH for pointing out.
2017-03-27 04:11:33 -07:00
SmileTheory
d4e1a01f33 Remove FS_Read2().
Functionally the same as FS_Read().
Streaming functionality was removed in 672cfbf16f but flag remained.
2017-03-17 04:21:11 -07:00
SmileTheory
b173ac0599 Merge some file writing extension checks from OpenJK.
Thanks Ensiform.
https://github.com/JACoders/OpenJK/commit/05928a57f9e4aae15a3bd0
https://github.com/JACoders/OpenJK/commit/ef124fd0fc48af164581176
2017-03-13 20:44:47 -07:00
SmileTheory
376267d534 Don't load .pk3s as .dlls, and don't load user config files from .pk3s. 2017-03-13 14:14:00 -07:00
Mickaël Thomas
40ec42a425 Don't include (mission)pak_checksums in standalone build
Avoids a compiler warning
2017-03-12 22:57:17 +01:00
Zack Middleton
313064baa4 Fix command line variables not being set correctly
+seta, +sets, and +setu were ignored because Com_AddStartupCommands
thought Com_StartupVariable handled it.

+set didn't allow value to be multiple tokens which due to Unix shell
unintuitively removing quotes causes the variable to only be set to
the first token. This could be worked around by escaping quotes

    ioq3ded +set g_motd \"hello world\"

but it doesn't match behavior of other start up commands (which now
includes seta, sets, and setu) that use all tokens.
2017-02-22 15:16:50 -06:00
Zachary J. Slater
7efe1c97a7 Merge pull request #99 from openmoh/ioq3-SSE-msg
rephrase SSE availability message (thanks)
2017-01-24 19:28:41 -10:00
Zachary J. Slater
6e4e6e8925 Merge pull request #91 from lnussel/master
a VM for ARMv7l (Thank you, Ludwig -zjs)
2017-01-24 19:27:13 -10:00
Zachary J. Slater
bf3c88dcc1 Merge pull request #227 from smcv/old-style-declaration
Don't use mostly obsolete 'register' keyword (Merge or get off the pot.)
2017-01-24 19:17:40 -10:00
Simon McVittie
2ab109b772 Avoid 'register' declarations
gcc 6 with -Wall -Wextra warns:

code/botlib/l_precomp.c: In function ‘PC_NameHash’:
code/botlib/l_precomp.c:551:2: warning: ‘register’ is not at beginning of declaration [-Wold-style-declaration]
  int register hash, i;
  ^~~

Modern compilers either ignore the register storage class when
generating code, or generate better code without it, so just remove
most of them.

The remaining uses are in third-party bundled libraries (libjpeg, zlib),
and in a PowerPC-specific inline function consisting of inline
assembler (because I'm not 100% confident that it doesn't have
some practical use there).
2016-11-01 16:37:38 +00:00
Zack Middleton
10f33b892b Fix removing/creating PID file for base game when switching to/from mods 2016-10-27 22:54:33 -05:00
Zack Middleton
c80f341711 Handle ERR_DROP during Com_GameRestart
If ERR_DROP during Com_GameRestart after shutting down client, Com_Error
needs to restart the client otherwise there is just a black window. Also,
clear the game restarting flag in Com_Error otherwise it's not possible to
run Com_GameRestart again later.

I don't know of a way to trigger ERR_DROP, in FS_Restart for instance,
without engine changes however.
2016-10-09 19:17:58 -05:00
Zack Middleton
755b2f38f0 Offer post-crash safe settings on a per-mod basis
Offer to restore settings when loading a mod that crashed, not the first
mod that gets loaded after a crash. Before the first mod loaded (usually
baseq3) would get the option even if missionpack or some other mod crashed.

- Make pid files separate for each fs_game.
- Remove/write pid every time switching fs_game.
- Create path before writing pid file otherwise it fails on first run.
- Show mod description.txt or fs_game instead of engine name in abnormal
  exit message.
- Check com_fullyInitialized in Com_Error before removing PID,
  otherwise "ioquake3 --version" segfaults when accessing fs_gamevar->string
  (plus not fully initialized isn't really a normal shutdown).
2016-10-09 18:18:08 -05:00
Tim Angus
cce24668f7 Merge pull request #225 from smcv/reproducible-date
Pick up date from SOURCE_DATE_EPOCH, for reproducible builds
2016-09-27 21:05:24 +01:00
Simon McVittie
9c76b546e3 Pick up date from SOURCE_DATE_EPOCH, for reproducible builds
The goal of reproducible builds is that a rebuild of the same source
code with the same compiler, libraries, etc. should result in the same
binaries. SOURCE_DATE_EPOCH provides a standard way for build systems
to fill in the date of the latest source change, typically from a git
commit or from metadata like the debian/changelog in Debian packages.

This does not change anything if SOURCE_DATE_EPOCH is not defined;
the intention is that a larger build system like a Debian package
will define it.

Please see https://reproducible-builds.org/ for more information about
reproducible builds.
2016-09-22 09:02:20 +01:00
Simon McVittie
7d4f9525df Fix mis-spellings of "separating" as "seperating"
Found by Debian's Lintian tool.
2016-09-22 08:56:30 +01:00