Commit graph

130 commits

Author SHA1 Message Date
Thilo Schulz
7d51d75b05 - Fix arbitrary cvar overwrite flaw: http://aluigi.altervista.org/adv.htm
- Add myself to maintainer list :)
2006-07-03 21:37:50 +00:00
Tim Angus
7d657ba62f * sv_minRate (from R1CH)
* [cl|sv]_packetdelay (from tjw)
2006-06-17 19:19:34 +00:00
Thilo Schulz
394c09fa26 Remove chars with ascii value > 127 in MSG_ReadBigString too to make it correspond to the behaviour of WriteBigString. 2006-06-16 21:44:44 +00:00
Thilo Schulz
e02617ee89 Little fix for the sanity check fix from previous rev... 2006-06-16 20:47:29 +00:00
Thilo Schulz
813a6ecdc3 - Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory.
Reported by Luigi Auriemma.
- Moved directory traversal check to a more proper location.
- Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances.
2006-06-16 20:38:08 +00:00
Thilo Schulz
c9c15562ea Fix client "freezes" if a user with ASCII characters > 127 enters a server. Reported by tjw 2006-06-11 14:56:58 +00:00
Thilo Schulz
84296bfc2c Fixed a crash in md4 routines when using them on files with zero length, reported by Lukasz Saduniowski. 2006-06-01 00:58:19 +00:00
Ryan C. Gordon
997dffc649 Correction in PowerPC JIT code. Fixes crash in server browser, etc, on Mac OS X
and probably PowerPC Linux, too...fixes Bugzilla #2519.
2006-05-29 03:02:54 +00:00
Thilo Schulz
a08a539c10 Fix JIT compiler code execution on NX-protected win32 OS 2006-05-15 15:57:02 +00:00
Thilo Schulz
60293f49ee Fix bug that permits download of arbitrary files from a download enabled server by checking requested file name against the list of loaded pk3 files. See CVE-2006-2082 2006-05-08 19:53:41 +00:00
Thilo Schulz
d21411452e Add string length checking to function COM_StripExtension. This fixes the R_RemapShader buffer overflow exploit that can be found here:
http://milw0rm.com/exploits/1750
2006-05-06 01:56:24 +00:00
Thilo Schulz
235e2c215f - Introduced various new typedefs for windows platform (int32_t, int64_t, etc...)
- Applied md5 64-bit safety patch by Tony White.
2006-04-27 13:39:41 +00:00
Thilo Schulz
c116695ea7 - "baseq3" literal replacement patch (by Erik Auerswald) applied
- Commented setting of the cl_guid cvar because md5.c is not 64-bit safe.
2006-04-26 13:36:58 +00:00
Thilo Schulz
70fca10af2 Replaced various "baseq3" strings with the centrally defined BASEGAME macro. 2006-04-26 11:27:12 +00:00
Thilo Schulz
31fdab187c Fix didn't work yet because it didn't use the buffer where the filename extension chop-off is done. D'oh! 2006-04-23 20:04:42 +00:00
Tim Angus
56294e2da8 * Oops 2006-04-23 18:04:51 +00:00
Tim Angus
8aecee5158 * cl_guid for semi-reliable server authentication (from tjw) 2006-04-22 22:21:56 +00:00
Thilo Schulz
40d5eee8ef Fix prohibits illegal downloading of id PK3 files from servers. That bug is hit by *every* official server release from ID. 2006-04-22 18:24:50 +00:00
Thilo Schulz
e7daf33d8e - botlib logfile now gets stored in the fs_game directory in fs_homepath. (patch from Erik Auerswald)
- Added proper error handling when fopening qconsole.log
- Fixed bug where r_chat.c gets loaded in botlib even when bot_nochat is 1.
2006-04-21 17:04:21 +00:00
Zachary Slater
9ee853343e Was that intentional? (version change) 2006-04-19 22:51:20 +00:00
Tim Angus
f63472025f * Change window title 2006-03-24 17:28:27 +00:00
Ludwig Nussel
be6ca402e8 accept pak0.pk3 in demoq3/ as well 2006-03-08 11:02:20 +00:00
Ludwig Nussel
39f2e449b6 use mmap to allocate memory for generated code to be able to set PROT_EXEC 2006-03-04 11:14:44 +00:00
Tim Angus
4ec0c94828 * Displace the '\n's passed to SV_Shutdown 2006-02-28 23:01:23 +00:00
Ludwig Nussel
a99e721711 try to fix msvc build 2006-02-26 20:01:45 +00:00
Aaron Gyes
966ffaa0f2 o rly 2006-02-20 22:08:23 +00:00
Aaron Gyes
cc9ead2fd7 Bump version number. 2006-02-20 22:04:16 +00:00
Ludwig Nussel
4c242115dc - change long to intptr_t for 64bit windows compatability
- change vmMain arguments back to int. 64bit types are apparently not
  needed there. Only the syscall function needs them.
2006-02-18 19:07:23 +00:00
Tim Angus
ab29f29495 * Fix to a memory leak in CM_ValidateFacet 2006-01-27 18:14:01 +00:00
Tim Angus
8a6be4aef4 * Persistent console history 2006-01-24 04:35:19 +00:00
Tim Angus
4ab96373e6 * Only check the checksum on baseq3 pak0.pk3 2006-01-22 17:05:43 +00:00
Tim Angus
c3f7915a8b * Overhaul of console autocompletion
- No longer does weird stuff like move the cursor inappropriately
  - Autocomplete works with compound commands
  - Special autocomplete on some commands e.g. \map, \demo
  - Removed various hacks used to counter the original autocomplete code
2006-01-22 01:58:50 +00:00
Tim Angus
7913ec3c4b * Fix a bug with command/cvar autocompletion 2006-01-21 01:35:42 +00:00
Tim Angus
58c8175024 * Added Q_isnan for NaN tests with -ffast-math
* Fixed UT/OpenAL work around
2006-01-19 20:28:12 +00:00
Tim Angus
6a396f761f * Yet another MD4 implementation
* Removed Com_BlockChecksumkey and replaced its functionality in the calling
  function
2006-01-18 15:53:50 +00:00
Tim Angus
0856744622 * GPL MD4 implementation
* Removed obsolete compilation instructions from the id readme
* Removed MD4 license from the id readme
2006-01-18 01:20:42 +00:00
Tim Angus
b4898caac4 * Fix to a stupid bug I introduced whilst trying to be clever 2006-01-15 15:30:52 +00:00
Tim Angus
e74947be2c * x86 OS X support 2006-01-15 15:22:13 +00:00
Tim Angus
216bda8cd7 * Patch from https://bugzilla.icculus.org/show_bug.cgi?id=2540 2006-01-13 20:54:07 +00:00
Ludwig Nussel
13039ef44f make memory for generated opcodes executable so the program works with
enabled NX feature.
2006-01-06 19:11:05 +00:00
Tim Angus
e95f1f2106 * Fix to the gcc4/-O0 x86 JIT compiler bug 2006-01-06 00:04:05 +00:00
Tim Angus
560b02488c * Up the defaults for zone and hunk memory since some mods (UT) have large
memory requirements that will have increased versus 1.32b due to some of the
  alignment fixes
2006-01-05 16:49:59 +00:00
Tim Angus
1171a63aea * Remove FS_SetRestrictions
* Add FS_CheckPak0 for better error messages where dumb users are involved
2006-01-05 02:06:25 +00:00
Tim Angus
6e24cfe7d3 * Fix the MinGW and (hopefully) OS X builds
* Remove custom memcpy/memset code
2006-01-04 03:40:49 +00:00
Tim Angus
a21eb2bbcb * AVI video output
- Uses motion jpeg codec by default
  - Use cl_avidemo to set a framerate
  - \video [filename] to start capture
  - \stopvideo to stop capture
  - Audio capture is a bit ropey
2006-01-04 03:12:12 +00:00
Ludwig Nussel
92ad3e99dc fix typo in comment 2005-12-30 17:52:56 +00:00
Tim Angus
db5faeaeaa * NetBSD support patch from optical (alex@rigbo.se) 2005-12-27 19:46:01 +00:00
Tim Angus
1704eecc52 * Replaced ALIGN macro with PAD
* Moved ALIGN16 macro from tr_local.h to ALIGN in q_shared.h
2005-12-05 17:32:54 +00:00
Ryan C. Gordon
cfdd586ef8 Look for correct filename extension when loading native DLLs. 2005-12-05 01:11:41 +00:00
Ryan C. Gordon
ff9c89f8fe Better altivec cvar handling. Should fix crashes at startup, or curious
people that toggle it on at runtime on a G3.
2005-12-04 21:40:25 +00:00