ubergames/ioef
0
0
Fork 0
mirror of https://github.com/UberGames/ioef.git synced 2025-02-22 03:21:37 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix possible string buffer overflows in Team Arena UI

Browse source
This commit is contained in:
Zack Middleton 2015-01-12 18:41:06 -06:00
parent 5020361be4
commit 07eb0f6dc9
1 changed files with 15 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
code/ui/ui_main.c
View file

@ -971,7 +971,7 @@ void UI_Load(void) {
menuDef_t *menu = Menu_GetFocused(); menuDef_t *menu = Menu_GetFocused();
char *menuSet = UI_Cvar_VariableString("ui_menuFiles"); char *menuSet = UI_Cvar_VariableString("ui_menuFiles");
if (menu && menu->window.name) { if (menu && menu->window.name) {
strcpy(lastName, menu->window.name); Q_strncpyz(lastName, menu->window.name, sizeof(lastName));
} }
if (menuSet == NULL || menuSet[0] == '\0') { if (menuSet == NULL || menuSet[0] == '\0') {
menuSet = "ui/menus.txt"; menuSet = "ui/menus.txt";
@ -1280,8 +1280,8 @@ static void UI_DrawPlayerModel(rectDef_t *rect) {
vec3_t moveangles; vec3_t moveangles;
if (trap_Cvar_VariableValue("ui_Q3Model")) { if (trap_Cvar_VariableValue("ui_Q3Model")) {
strcpy(model, UI_Cvar_VariableString("model")); Q_strncpyz(model, UI_Cvar_VariableString("model"), sizeof(model));
strcpy(head, UI_Cvar_VariableString("headmodel")); Q_strncpyz(head, UI_Cvar_VariableString("headmodel"), sizeof(head));
if (!q3Model) { if (!q3Model) {
q3Model = qtrue; q3Model = qtrue;
updateModel = qtrue; updateModel = qtrue;
@ -1289,9 +1289,9 @@ static void UI_DrawPlayerModel(rectDef_t *rect) {
team[0] = '\0'; team[0] = '\0';
} else { } else {
strcpy(team, UI_Cvar_VariableString("ui_teamName")); Q_strncpyz(team, UI_Cvar_VariableString("ui_teamName"), sizeof(team));
strcpy(model, UI_Cvar_VariableString("team_model")); Q_strncpyz(model, UI_Cvar_VariableString("team_model"), sizeof(model));
strcpy(head, UI_Cvar_VariableString("team_headmodel")); Q_strncpyz(head, UI_Cvar_VariableString("team_headmodel"), sizeof(head));
if (q3Model) { if (q3Model) {
q3Model = qfalse; q3Model = qfalse;
updateModel = qtrue; updateModel = qtrue;
@ -1490,8 +1490,8 @@ static void UI_DrawOpponent(rectDef_t *rect) {
if (updateOpponentModel) { if (updateOpponentModel) {
strcpy(model, UI_Cvar_VariableString("ui_opponentModel")); Q_strncpyz(model, UI_Cvar_VariableString("ui_opponentModel"), sizeof(model));
strcpy(headmodel, UI_Cvar_VariableString("ui_opponentModel")); Q_strncpyz(headmodel, UI_Cvar_VariableString("ui_opponentModel"), sizeof(headmodel));
team[0] = '\0'; team[0] = '\0';
memset( &info2, 0, sizeof(playerInfo_t) ); memset( &info2, 0, sizeof(playerInfo_t) );
@ -3508,8 +3508,8 @@ static void UI_RunMenuScript(char **args) {
if (String_Parse(args, &orders)) { if (String_Parse(args, &orders)) {
int selectedPlayer = trap_Cvar_VariableValue("cg_selectedPlayer"); int selectedPlayer = trap_Cvar_VariableValue("cg_selectedPlayer");
if (selectedPlayer < uiInfo.myTeamCount) { if (selectedPlayer < uiInfo.myTeamCount) {
strcpy(buff, orders); Com_sprintf( buff, sizeof( buff ), orders, uiInfo.teamClientNums[selectedPlayer] );
trap_Cmd_ExecuteText( EXEC_APPEND, va(buff, uiInfo.teamClientNums[selectedPlayer]) ); trap_Cmd_ExecuteText( EXEC_APPEND, buff );
trap_Cmd_ExecuteText( EXEC_APPEND, "\n" ); trap_Cmd_ExecuteText( EXEC_APPEND, "\n" );
} else { } else {
int i; int i;
@ -3517,8 +3517,8 @@ static void UI_RunMenuScript(char **args) {
if (Q_stricmp(UI_Cvar_VariableString("name"), uiInfo.teamNames[i]) == 0) { if (Q_stricmp(UI_Cvar_VariableString("name"), uiInfo.teamNames[i]) == 0) {
continue; continue;
} }
strcpy(buff, orders); Com_sprintf( buff, sizeof( buff ), orders, uiInfo.teamNames[i] );
trap_Cmd_ExecuteText( EXEC_APPEND, va(buff, uiInfo.teamNames[i]) ); trap_Cmd_ExecuteText( EXEC_APPEND, buff );
trap_Cmd_ExecuteText( EXEC_APPEND, "\n" ); trap_Cmd_ExecuteText( EXEC_APPEND, "\n" );
} }
} }
@ -3545,8 +3545,8 @@ static void UI_RunMenuScript(char **args) {
if (String_Parse(args, &orders)) { if (String_Parse(args, &orders)) {
int selectedPlayer = trap_Cvar_VariableValue("cg_selectedPlayer"); int selectedPlayer = trap_Cvar_VariableValue("cg_selectedPlayer");
if (selectedPlayer < uiInfo.myTeamCount) { if (selectedPlayer < uiInfo.myTeamCount) {
strcpy(buff, orders); Com_sprintf( buff, sizeof( buff ), orders, uiInfo.teamClientNums[selectedPlayer] );
trap_Cmd_ExecuteText( EXEC_APPEND, va(buff, uiInfo.teamClientNums[selectedPlayer]) ); trap_Cmd_ExecuteText( EXEC_APPEND, buff );
trap_Cmd_ExecuteText( EXEC_APPEND, "\n" ); trap_Cmd_ExecuteText( EXEC_APPEND, "\n" );
} }
trap_Key_SetCatcher( trap_Key_GetCatcher() & ~KEYCATCH_UI ); trap_Key_SetCatcher( trap_Key_GetCatcher() & ~KEYCATCH_UI );
@ -5554,7 +5554,7 @@ void UI_DrawConnectScreen( qboolean overlay ) {
if (!Q_stricmp(cstate.servername,"localhost")) { if (!Q_stricmp(cstate.servername,"localhost")) {
Text_PaintCenter(centerPoint, yStart + 48, scale, colorWhite, "Starting up...", ITEM_TEXTSTYLE_SHADOWEDMORE); Text_PaintCenter(centerPoint, yStart + 48, scale, colorWhite, "Starting up...", ITEM_TEXTSTYLE_SHADOWEDMORE);
} else { } else {
strcpy(text, va("Connecting to %s", cstate.servername)); Com_sprintf(text, sizeof(text), "Connecting to %s", cstate.servername);
Text_PaintCenter(centerPoint, yStart + 48, scale, colorWhite,text , ITEM_TEXTSTYLE_SHADOWEDMORE); Text_PaintCenter(centerPoint, yStart + 48, scale, colorWhite,text , ITEM_TEXTSTYLE_SHADOWEDMORE);
} }