Thilo Schulz
2c14f02ee5
Revert "fix" because it was based on wrong assumptions and actually doesn't fix anything at all.
2006-07-17 19:15:36 +00:00
Thilo Schulz
57a5f2571a
Fix wrong means of death message in server log.
2006-07-09 16:36:33 +00:00
Ludwig Nussel
6327f1ce47
looks like the interpreter was broken all the time. Didn't anyone
...
notice?
2006-07-06 09:25:17 +00:00
Thilo Schulz
fc244c97ef
Fix critical buffer overflow in cgame, see exploit at http://www.milw0rm.com/exploits/1977
2006-07-06 00:37:56 +00:00
Ludwig Nussel
a24ffc0dd5
- print warning if server tries to set cvars it shouldn't set
...
- make warnings yellow
2006-07-05 20:30:53 +00:00
Thilo Schulz
7d51d75b05
- Fix arbitrary cvar overwrite flaw: http://aluigi.altervista.org/adv.htm
...
- Add myself to maintainer list :)
2006-07-03 21:37:50 +00:00
Tim Angus
d42b87ae87
* OpenAL bug fix (from Josh Weisskopf)
2006-06-17 21:01:57 +00:00
Tim Angus
ce0100138c
* Better SDL joystick support (from Erik Auerswald)
2006-06-17 20:30:38 +00:00
Tim Angus
7d657ba62f
* sv_minRate (from R1CH)
...
* [cl|sv]_packetdelay (from tjw)
2006-06-17 19:19:34 +00:00
Thilo Schulz
394c09fa26
Remove chars with ascii value > 127 in MSG_ReadBigString too to make it correspond to the behaviour of WriteBigString.
2006-06-16 21:44:44 +00:00
Thilo Schulz
e02617ee89
Little fix for the sanity check fix from previous rev...
2006-06-16 20:47:29 +00:00
Thilo Schulz
813a6ecdc3
- Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory.
...
Reported by Luigi Auriemma.
- Moved directory traversal check to a more proper location.
- Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances.
2006-06-16 20:38:08 +00:00
Thilo Schulz
c9c15562ea
Fix client "freezes" if a user with ASCII characters > 127 enters a server. Reported by tjw
2006-06-11 14:56:58 +00:00
Thilo Schulz
d9fe81c08e
Add HAVE_VM_COMPILED=true for x86 FreeBSD so vm_x86.c gets built.
2006-06-06 22:49:42 +00:00
Ludwig Nussel
eaa8f1c989
refactor platform specific stuff a bit
2006-06-06 18:09:09 +00:00
Thilo Schulz
99abd01c2f
Fix remotely exploitable parse download overflow reported by Luigi Auriemma.
...
See http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046578.html
for the advisory.
2006-06-04 13:45:53 +00:00
Thilo Schulz
84296bfc2c
Fixed a crash in md4 routines when using them on files with zero length, reported by Lukasz Saduniowski.
2006-06-01 00:58:19 +00:00
Thilo Schulz
9af85d9378
Forgot to check for windows-style path seperator in precaution against directory traversal abuse.
2006-06-01 00:23:46 +00:00
Thilo Schulz
503c0a22c6
Partially applied patch from Joerg Dietrich. Fixes:
...
- incorrect handling of file names when opening sound files by name without extension
- byte endian issues in ogg decoder.
2006-06-01 00:14:56 +00:00
Ryan C. Gordon
997dffc649
Correction in PowerPC JIT code. Fixes crash in server browser, etc, on Mac OS X
...
and probably PowerPC Linux, too...fixes Bugzilla #2519 .
2006-05-29 03:02:54 +00:00
Thilo Schulz
856a397e8c
Prevent servers from making clients download files that are written to non-quake3 directories.
2006-05-28 14:36:37 +00:00
Zachary Slater
af7fa1784d
sdl1111111111111111111111111111
2006-05-25 16:22:19 +00:00
Zachary Slater
febd62a4bc
Since we've hit the second time for this being asked...
2006-05-22 04:48:09 +00:00
Thilo Schulz
d2b5dd1e8a
Applied parts of Josh Weisskopf's patch to make naming of executables consistent with Linux.
2006-05-16 07:11:39 +00:00
Thilo Schulz
e5c0581d52
Added two missing source files to the MSVC project files
2006-05-16 07:03:36 +00:00
Thilo Schulz
6fe78df757
Fixed missing initialization of idPack and missionPack variables which may result in failure to autodownload files from the server even if legitimate.
2006-05-15 19:50:44 +00:00
Thilo Schulz
a08a539c10
Fix JIT compiler code execution on NX-protected win32 OS
2006-05-15 15:57:02 +00:00
Thilo Schulz
27df5fca31
Corrected #include directives of openal headers for MSVC.
2006-05-13 12:18:43 +00:00
Thilo Schulz
60293f49ee
Fix bug that permits download of arbitrary files from a download enabled server by checking requested file name against the list of loaded pk3 files. See CVE-2006-2082
2006-05-08 19:53:41 +00:00
Tim Angus
fda7db7619
* Fix the MinGW build. Ugh.
2006-05-06 16:01:41 +00:00
Thilo Schulz
e1c5be3ab0
Added return; statement so it doesn't complain when it receives a remapShader command.
2006-05-06 12:11:24 +00:00
Thilo Schulz
5ebb75e651
Fix remapShader command in cgame and tweak it in ui.
2006-05-06 10:54:55 +00:00
Ludwig Nussel
63d2010914
add update_url. Maybe we need it in the future
2006-05-06 08:46:21 +00:00
Thilo Schulz
d21411452e
Add string length checking to function COM_StripExtension. This fixes the R_RemapShader buffer overflow exploit that can be found here:
...
http://milw0rm.com/exploits/1750
2006-05-06 01:56:24 +00:00
Zachary Slater
2e368c02a6
Hm, thought I added this earlier.
2006-05-04 23:58:08 +00:00
Thilo Schulz
2675960c2c
removed a space too much after "say_team: " chat prompt.
2006-05-04 15:37:08 +00:00
Thilo Schulz
1847c321f0
- Added SV_Shutdown to Linux signal handler to ensure that clients don't hang when server gets killed, as suggested by Tony J. White
...
- Added newline to final message sent to clients.
- Added check for whether client is running at all before CL_Shutdown runs through.
2006-05-04 13:59:58 +00:00
Thilo Schulz
2583351211
- Replaced SV_GetPlayerByName with SV_GetPlayerByHandle that supports lookup of client_t structures by playernum, too.
...
That means the ban and kick commands will now accept the playernum - as seen in the status command - as argument.
2006-05-02 21:20:07 +00:00
Thilo Schulz
7b6fe90aad
Fix "Net_CompareAdr: Bad address type" error message when starting a new map with bots.
2006-05-02 17:53:26 +00:00
Ludwig Nussel
8895df0925
- remove leftover anistropic filtering variables from glconfig_t
...
- check size of glconfig_t to prevent accidential ABI breakage in the future
2006-04-30 15:00:39 +00:00
Thilo Schulz
12a2b7694a
- Fixed incompatibility to original VMs introduced by anisotropic filtering patch.
...
- Removed dependency of flares from tr.identityLight because they are barely visible with r_overbrightbits set to 1
2006-04-30 14:32:56 +00:00
Thilo Schulz
82c4c70535
- Fix r_overBrightBits variable getting ignored on Linux
...
- Replaced SDL_SetGamma by SDL_SetGammaRamp with gamma behaviour now matching win_gamma.c
2006-04-30 13:50:13 +00:00
Thilo Schulz
75eb99b716
SDL built won't get copied anymore because it gets built by default even if SMP doesn't work.
2006-04-29 19:54:54 +00:00
Thilo Schulz
e8a5e4c1ad
Applied patch by Ben Noordhuis:
...
- Fix for "make copyfile" errors when certain parts are not built.
- SMP binary and QVMs now get copied when built
2006-04-29 19:11:37 +00:00
Tim Angus
d475dfef97
* Yet another tweak to the long server uptime bug fix
2006-04-28 17:31:02 +00:00
Thilo Schulz
f1afb6ae1a
Added readme detailing about the MD4/MDR format ioquake3 supports.
2006-04-27 15:49:17 +00:00
Thilo Schulz
55453fd919
Fix for skybox blacklines bug on non-SDL compilations.
2006-04-27 14:48:35 +00:00
Thilo Schulz
235e2c215f
- Introduced various new typedefs for windows platform (int32_t, int64_t, etc...)
...
- Applied md5 64-bit safety patch by Tony White.
2006-04-27 13:39:41 +00:00
Thilo Schulz
c116695ea7
- "baseq3" literal replacement patch (by Erik Auerswald) applied
...
- Commented setting of the cl_guid cvar because md5.c is not 64-bit safe.
2006-04-26 13:36:58 +00:00
Thilo Schulz
dbdc92d4be
strupr'ing demo filenames breaks demo selection on case sensitive file systems.
2006-04-26 11:31:18 +00:00