Commit graph

537 commits

Author SHA1 Message Date
Thilo Schulz
2c14f02ee5 Revert "fix" because it was based on wrong assumptions and actually doesn't fix anything at all. 2006-07-17 19:15:36 +00:00
Thilo Schulz
57a5f2571a Fix wrong means of death message in server log. 2006-07-09 16:36:33 +00:00
Ludwig Nussel
6327f1ce47 looks like the interpreter was broken all the time. Didn't anyone
notice?
2006-07-06 09:25:17 +00:00
Thilo Schulz
fc244c97ef Fix critical buffer overflow in cgame, see exploit at http://www.milw0rm.com/exploits/1977 2006-07-06 00:37:56 +00:00
Ludwig Nussel
a24ffc0dd5 - print warning if server tries to set cvars it shouldn't set
- make warnings yellow
2006-07-05 20:30:53 +00:00
Thilo Schulz
7d51d75b05 - Fix arbitrary cvar overwrite flaw: http://aluigi.altervista.org/adv.htm
- Add myself to maintainer list :)
2006-07-03 21:37:50 +00:00
Tim Angus
d42b87ae87 * OpenAL bug fix (from Josh Weisskopf) 2006-06-17 21:01:57 +00:00
Tim Angus
ce0100138c * Better SDL joystick support (from Erik Auerswald) 2006-06-17 20:30:38 +00:00
Tim Angus
7d657ba62f * sv_minRate (from R1CH)
* [cl|sv]_packetdelay (from tjw)
2006-06-17 19:19:34 +00:00
Thilo Schulz
394c09fa26 Remove chars with ascii value > 127 in MSG_ReadBigString too to make it correspond to the behaviour of WriteBigString. 2006-06-16 21:44:44 +00:00
Thilo Schulz
e02617ee89 Little fix for the sanity check fix from previous rev... 2006-06-16 20:47:29 +00:00
Thilo Schulz
813a6ecdc3 - Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory.
Reported by Luigi Auriemma.
- Moved directory traversal check to a more proper location.
- Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances.
2006-06-16 20:38:08 +00:00
Thilo Schulz
c9c15562ea Fix client "freezes" if a user with ASCII characters > 127 enters a server. Reported by tjw 2006-06-11 14:56:58 +00:00
Thilo Schulz
d9fe81c08e Add HAVE_VM_COMPILED=true for x86 FreeBSD so vm_x86.c gets built. 2006-06-06 22:49:42 +00:00
Ludwig Nussel
eaa8f1c989 refactor platform specific stuff a bit 2006-06-06 18:09:09 +00:00
Thilo Schulz
99abd01c2f Fix remotely exploitable parse download overflow reported by Luigi Auriemma.
See http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046578.html
for the advisory.
2006-06-04 13:45:53 +00:00
Thilo Schulz
84296bfc2c Fixed a crash in md4 routines when using them on files with zero length, reported by Lukasz Saduniowski. 2006-06-01 00:58:19 +00:00
Thilo Schulz
9af85d9378 Forgot to check for windows-style path seperator in precaution against directory traversal abuse. 2006-06-01 00:23:46 +00:00
Thilo Schulz
503c0a22c6 Partially applied patch from Joerg Dietrich. Fixes:
- incorrect handling of file names when opening sound files by name without extension
 - byte endian issues in ogg decoder.
2006-06-01 00:14:56 +00:00
Ryan C. Gordon
997dffc649 Correction in PowerPC JIT code. Fixes crash in server browser, etc, on Mac OS X
and probably PowerPC Linux, too...fixes Bugzilla #2519.
2006-05-29 03:02:54 +00:00
Thilo Schulz
856a397e8c Prevent servers from making clients download files that are written to non-quake3 directories. 2006-05-28 14:36:37 +00:00
Zachary Slater
af7fa1784d sdl1111111111111111111111111111 2006-05-25 16:22:19 +00:00
Zachary Slater
febd62a4bc Since we've hit the second time for this being asked... 2006-05-22 04:48:09 +00:00
Thilo Schulz
d2b5dd1e8a Applied parts of Josh Weisskopf's patch to make naming of executables consistent with Linux. 2006-05-16 07:11:39 +00:00
Thilo Schulz
e5c0581d52 Added two missing source files to the MSVC project files 2006-05-16 07:03:36 +00:00
Thilo Schulz
6fe78df757 Fixed missing initialization of idPack and missionPack variables which may result in failure to autodownload files from the server even if legitimate. 2006-05-15 19:50:44 +00:00
Thilo Schulz
a08a539c10 Fix JIT compiler code execution on NX-protected win32 OS 2006-05-15 15:57:02 +00:00
Thilo Schulz
27df5fca31 Corrected #include directives of openal headers for MSVC. 2006-05-13 12:18:43 +00:00
Thilo Schulz
60293f49ee Fix bug that permits download of arbitrary files from a download enabled server by checking requested file name against the list of loaded pk3 files. See CVE-2006-2082 2006-05-08 19:53:41 +00:00
Tim Angus
fda7db7619 * Fix the MinGW build. Ugh. 2006-05-06 16:01:41 +00:00
Thilo Schulz
e1c5be3ab0 Added return; statement so it doesn't complain when it receives a remapShader command. 2006-05-06 12:11:24 +00:00
Thilo Schulz
5ebb75e651 Fix remapShader command in cgame and tweak it in ui. 2006-05-06 10:54:55 +00:00
Ludwig Nussel
63d2010914 add update_url. Maybe we need it in the future 2006-05-06 08:46:21 +00:00
Thilo Schulz
d21411452e Add string length checking to function COM_StripExtension. This fixes the R_RemapShader buffer overflow exploit that can be found here:
http://milw0rm.com/exploits/1750
2006-05-06 01:56:24 +00:00
Zachary Slater
2e368c02a6 Hm, thought I added this earlier. 2006-05-04 23:58:08 +00:00
Thilo Schulz
2675960c2c removed a space too much after "say_team: " chat prompt. 2006-05-04 15:37:08 +00:00
Thilo Schulz
1847c321f0 - Added SV_Shutdown to Linux signal handler to ensure that clients don't hang when server gets killed, as suggested by Tony J. White
- Added newline to final message sent to clients.
- Added check for whether client is running at all before CL_Shutdown runs through.
2006-05-04 13:59:58 +00:00
Thilo Schulz
2583351211 - Replaced SV_GetPlayerByName with SV_GetPlayerByHandle that supports lookup of client_t structures by playernum, too.
That means the ban and kick commands will now accept the playernum - as seen in the status command - as argument.
2006-05-02 21:20:07 +00:00
Thilo Schulz
7b6fe90aad Fix "Net_CompareAdr: Bad address type" error message when starting a new map with bots. 2006-05-02 17:53:26 +00:00
Ludwig Nussel
8895df0925 - remove leftover anistropic filtering variables from glconfig_t
- check size of glconfig_t to prevent accidential ABI breakage in the future
2006-04-30 15:00:39 +00:00
Thilo Schulz
12a2b7694a - Fixed incompatibility to original VMs introduced by anisotropic filtering patch.
- Removed dependency of flares from tr.identityLight because they are barely visible with r_overbrightbits set to 1
2006-04-30 14:32:56 +00:00
Thilo Schulz
82c4c70535 - Fix r_overBrightBits variable getting ignored on Linux
- Replaced SDL_SetGamma by SDL_SetGammaRamp with gamma behaviour now matching win_gamma.c
2006-04-30 13:50:13 +00:00
Thilo Schulz
75eb99b716 SDL built won't get copied anymore because it gets built by default even if SMP doesn't work. 2006-04-29 19:54:54 +00:00
Thilo Schulz
e8a5e4c1ad Applied patch by Ben Noordhuis:
- Fix for "make copyfile" errors when certain parts are not built.
- SMP binary and QVMs now get copied when built
2006-04-29 19:11:37 +00:00
Tim Angus
d475dfef97 * Yet another tweak to the long server uptime bug fix 2006-04-28 17:31:02 +00:00
Thilo Schulz
f1afb6ae1a Added readme detailing about the MD4/MDR format ioquake3 supports. 2006-04-27 15:49:17 +00:00
Thilo Schulz
55453fd919 Fix for skybox blacklines bug on non-SDL compilations. 2006-04-27 14:48:35 +00:00
Thilo Schulz
235e2c215f - Introduced various new typedefs for windows platform (int32_t, int64_t, etc...)
- Applied md5 64-bit safety patch by Tony White.
2006-04-27 13:39:41 +00:00
Thilo Schulz
c116695ea7 - "baseq3" literal replacement patch (by Erik Auerswald) applied
- Commented setting of the cl_guid cvar because md5.c is not 64-bit safe.
2006-04-26 13:36:58 +00:00
Thilo Schulz
dbdc92d4be strupr'ing demo filenames breaks demo selection on case sensitive file systems. 2006-04-26 11:31:18 +00:00