ubergames/ioef
0
0
Fork 0
mirror of https://github.com/UberGames/ioef.git synced 2025-02-17 17:31:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Fix bug #4769 remote server crash

Browse source 
- Fix potential 1-byte-buffer overflow in gamecode
This commit is contained in:
Thilo Schulz 2011-02-03 02:54:36 +00:00
parent 16c83ae2c5
commit cf791d14c5
2 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
code/game/g_svcmds.c
View file

@ -155,7 +155,7 @@ static void UpdateIPBans (void)
Q_strcat(ip, sizeof(ip), va("%i", b[j])); Q_strcat(ip, sizeof(ip), va("%i", b[j]));
Q_strcat(ip, sizeof(ip), (j<3) ? "." : " "); Q_strcat(ip, sizeof(ip), (j<3) ? "." : " ");
} }
if (strlen(iplist_final)+strlen(ip) < MAX_CVAR_VALUE_STRING) if (strlen(iplist_final)+strlen(ip) < MAX_CVAR_VALUE_STRING - 1)
{ {
Q_strcat( iplist_final, sizeof(iplist_final), ip); Q_strcat( iplist_final, sizeof(iplist_final), ip);
} }

15
code/qcommon/cmd.c
View file

@ -435,11 +435,20 @@ char *Cmd_Cmd(void)
Replace command separators with space to prevent interpretation Replace command separators with space to prevent interpretation
This is a hack to protect buggy qvms This is a hack to protect buggy qvms
https://bugzilla.icculus.org/show_bug.cgi?id=3593 https://bugzilla.icculus.org/show_bug.cgi?id=3593
https://bugzilla.icculus.org/show_bug.cgi?id=4769
*/ */
void Cmd_Args_Sanitize( void ) {
void Cmd_Args_Sanitize(void)
{
int i; int i;
for ( i = 1 ; i < cmd_argc ; i++ ) {
char* c = cmd_argv[i]; for(i = 1; i < cmd_argc; i++)
{
char *c = cmd_argv[i];
if(strlen(c) > MAX_CVAR_VALUE_STRING - 1)
c[MAX_CVAR_VALUE_STRING - 1] = '\0';
while ((c = strpbrk(c, "\n\r;"))) { while ((c = strpbrk(c, "\n\r;"))) {
*c = ' '; *c = ' ';
++c; ++c;