Commit graph

90 commits

Author SHA1 Message Date
Thilo Schulz
813a6ecdc3 - Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory.
Reported by Luigi Auriemma.
- Moved directory traversal check to a more proper location.
- Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances.
2006-06-16 20:38:08 +00:00
Thilo Schulz
99abd01c2f Fix remotely exploitable parse download overflow reported by Luigi Auriemma.
See http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046578.html
for the advisory.
2006-06-04 13:45:53 +00:00
Thilo Schulz
9af85d9378 Forgot to check for windows-style path seperator in precaution against directory traversal abuse. 2006-06-01 00:23:46 +00:00
Thilo Schulz
503c0a22c6 Partially applied patch from Joerg Dietrich. Fixes:
- incorrect handling of file names when opening sound files by name without extension
 - byte endian issues in ogg decoder.
2006-06-01 00:14:56 +00:00
Thilo Schulz
856a397e8c Prevent servers from making clients download files that are written to non-quake3 directories. 2006-05-28 14:36:37 +00:00
Thilo Schulz
27df5fca31 Corrected #include directives of openal headers for MSVC. 2006-05-13 12:18:43 +00:00
Thilo Schulz
d21411452e Add string length checking to function COM_StripExtension. This fixes the R_RemapShader buffer overflow exploit that can be found here:
http://milw0rm.com/exploits/1750
2006-05-06 01:56:24 +00:00
Thilo Schulz
2675960c2c removed a space too much after "say_team: " chat prompt. 2006-05-04 15:37:08 +00:00
Thilo Schulz
1847c321f0 - Added SV_Shutdown to Linux signal handler to ensure that clients don't hang when server gets killed, as suggested by Tony J. White
- Added newline to final message sent to clients.
- Added check for whether client is running at all before CL_Shutdown runs through.
2006-05-04 13:59:58 +00:00
Thilo Schulz
235e2c215f - Introduced various new typedefs for windows platform (int32_t, int64_t, etc...)
- Applied md5 64-bit safety patch by Tony White.
2006-04-27 13:39:41 +00:00
Thilo Schulz
c116695ea7 - "baseq3" literal replacement patch (by Erik Auerswald) applied
- Commented setting of the cl_guid cvar because md5.c is not 64-bit safe.
2006-04-26 13:36:58 +00:00
Tim Angus
8aecee5158 * cl_guid for semi-reliable server authentication (from tjw) 2006-04-22 22:21:56 +00:00
Tim Angus
2b75754cdb * Removed strange MacOS X #ifdeffery from cl_cin.c (from tjw) 2006-04-14 20:11:42 +00:00
Tim Angus
d72fd2e6e7 * Video export doesn't crap out with sv_pure 1 anymore
* Video export doesn't crap out when writing > 2Gb files anymore
2006-03-15 22:41:38 +00:00
Tim Angus
4ec0c94828 * Displace the '\n's passed to SV_Shutdown 2006-02-28 23:01:23 +00:00
Tim Angus
ef4dad1875 * Entity sounds on the player entity are now AL_SOURCE_RELATIVE
* Thus no need to s_alSpatEntOrigin anymore
2006-02-28 21:52:25 +00:00
Tim Angus
40a5ee007f * Sound related bug fixes from Thilo Schulz 2006-02-26 18:47:39 +00:00
Tim Angus
0e0aac2cb6 * Change the default for s_alSpatEntOrigin. I need to think of a way to do the
same thing without degrading the sound quality or changing the API.
2006-02-23 20:43:34 +00:00
Tim Angus
cb1a097db7 * Fix to half of bug #2600 (Refuse to load RIFF files with less than 8 bits per
sample)
2006-02-21 22:29:29 +00:00
Tim Angus
659ded3a41 * Fix to bug #2599 (fullscreen cinematics) 2006-02-21 21:29:26 +00:00
Ludwig Nussel
4c242115dc - change long to intptr_t for 64bit windows compatability
- change vmMain arguments back to int. 64bit types are apparently not
  needed there. Only the syscall function needs them.
2006-02-18 19:07:23 +00:00
Tim Angus
26b4ed2f7d * Fix to a woopsie 2006-02-13 18:17:08 +00:00
Tim Angus
932ca8027c * OpenAL now respatializes using the player entity origin instead of the view
origin by default. The old behaviour is available by setting
  s_alSpatEntOrigin to 0.
2006-02-12 10:43:37 +00:00
Tim Angus
ef19ccd56f * Removed (unintentional) C99 code 2006-02-07 18:36:17 +00:00
Maik
602743a25b * workaround for msvc compiler bug. 2006-02-07 12:26:53 +00:00
Tim Angus
2e19bdfb5d * Reimplement console history recall "bug" behaviour without the bug 2006-02-04 00:28:57 +00:00
Tim Angus
91b2b9297a * Fix to an obo bug in the console history recall code 2006-01-28 23:26:23 +00:00
Tim Angus
947ebb932e * SDL build no longer requires a vid_restart when changing r_fullscreen 2006-01-25 17:57:53 +00:00
Tim Angus
8a6be4aef4 * Persistent console history 2006-01-24 04:35:19 +00:00
Tim Angus
704c151eb1 * Fix to an OpenAL "bug" involving Team Arena 2006-01-22 21:09:55 +00:00
Tim Angus
3404fbac56 * Fix the operation of the delete key in *nix 2006-01-22 17:07:21 +00:00
Tim Angus
c3f7915a8b * Overhaul of console autocompletion
- No longer does weird stuff like move the cursor inappropriately
  - Autocomplete works with compound commands
  - Special autocomplete on some commands e.g. \map, \demo
  - Removed various hacks used to counter the original autocomplete code
2006-01-22 01:58:50 +00:00
Tim Angus
893629fb0f * Fix to ability to diabled Ogg Vorbis 2006-01-21 15:09:35 +00:00
Tim Angus
58c8175024 * Added Q_isnan for NaN tests with -ffast-math
* Fixed UT/OpenAL work around
2006-01-19 20:28:12 +00:00
Tim Angus
50a10f2690 * Some sloppily coded mods call the Q3 sound API with NaNs -- sanitise this 2006-01-19 17:25:55 +00:00
Tim Angus
fc8fcd7af5 * Don't try to auto record a demo while playing a demo 2006-01-16 04:00:30 +00:00
Tim Angus
d4bd2fd737 * Change defaults for s_alRolloff and s_alMinDistance 2006-01-15 15:45:12 +00:00
Tim Angus
a166f2173a * Oops. Rename cl_avidemo to cl_aviFrameRate 2006-01-06 22:28:07 +00:00
Tim Angus
dbf7caec10 * Ogg codec support from Joerg Dietrich <dietrich_joerg@gmx.de> (disabled by
default)
2006-01-06 17:36:03 +00:00
Tim Angus
58e7fc0a1a * Added cl_autoRecordDemo, which when enabled automatically records a new demo
on each map change
2006-01-05 00:15:47 +00:00
Tim Angus
0c9d2c365a * Only display the g_syncClients warning when it's appropriate 2006-01-04 21:48:20 +00:00
Tim Angus
a21eb2bbcb * AVI video output
- Uses motion jpeg codec by default
  - Use cl_avidemo to set a framerate
  - \video [filename] to start capture
  - \stopvideo to stop capture
  - Audio capture is a bit ropey
2006-01-04 03:12:12 +00:00
Tim Angus
6c6396a54f * Increase default for s_alSources to 96
* Source allocation warning on looping sounds demoted to developer only
2005-12-11 21:14:45 +00:00
Ludwig Nussel
81c15bc41d use memcpy for copying stuff around to fix alignment problems 2005-12-06 23:11:25 +00:00
Tim Angus
9bd6709e10 * Removed seemingly unnecessary OS X implementation of yuv_to_rgb24 2005-12-06 20:52:29 +00:00
Tim Angus
2499d9b0f5 * Solaris patch from Vincent S. Cojot 2005-12-06 19:03:39 +00:00
Tim Angus
1704eecc52 * Replaced ALIGN macro with PAD
* Moved ALIGN16 macro from tr_local.h to ALIGN in q_shared.h
2005-12-05 17:32:54 +00:00
Tim Angus
e67d270f2a * Same as last revision, but I didn't forget to save this time 2005-12-03 16:36:45 +00:00
Tim Angus
5cc1fb1c05 * Improved the robustity^Wrobustosity^Wrobustness of the OpenAL music and raw
stream systems
* Implemented S_AL_BufferEvict for more graceful behaviour when OpenAL runs
  out of memory
2005-12-03 00:19:27 +00:00
Tim Angus
0f8c177cf3 * Fix to an OpenAL "bug" 2005-12-02 00:14:24 +00:00