From fb58d8f1231b73c75eb7381637d2d4ef15e7b0e0 Mon Sep 17 00:00:00 2001 From: Tim Angus Date: Sun, 1 Apr 2007 13:38:17 +0000 Subject: [PATCH] * Move storage of console history from a cvar to a file in order to alleviate security concerns --- code/client/cl_keys.c | 121 ++++++++++++++++++++++++++---------------- 1 file changed, 74 insertions(+), 47 deletions(-) diff --git a/code/client/cl_keys.c b/code/client/cl_keys.c index a5188072..05d6a42f 100644 --- a/code/client/cl_keys.c +++ b/code/client/cl_keys.c @@ -1372,8 +1372,10 @@ void Key_ClearStates (void) } // This must not exceed MAX_CMD_LINE -#define MAX_CONSOLE_SAVE_BUFFER 1024 -static char consoleSaveBuffer[ MAX_CONSOLE_SAVE_BUFFER ]; +#define MAX_CONSOLE_SAVE_BUFFER 1024 +#define CONSOLE_HISTORY_FILE "q3history" +static char consoleSaveBuffer[ MAX_CONSOLE_SAVE_BUFFER ]; +static int consoleSaveBufferSize = 0; /* ================ @@ -1384,51 +1386,63 @@ Load the console history from cl_consoleHistory */ void CL_LoadConsoleHistory( void ) { - char *token, *text_p; - int i, numChars, numLines = 0; - cvar_t *cv; + char *token, *text_p; + int i, numChars, numLines = 0; + fileHandle_t f; - cv = Cvar_Get( "cl_consoleHistory", "", CVAR_ARCHIVE|CVAR_ROM ); - Q_strncpyz( consoleSaveBuffer, cv->string, MAX_CONSOLE_SAVE_BUFFER ); - - text_p = consoleSaveBuffer; - - for( i = COMMAND_HISTORY - 1; i >= 0; i-- ) + consoleSaveBufferSize = FS_FOpenFileRead( CONSOLE_HISTORY_FILE, &f, qfalse ); + if( !f ) { - if( !*( token = COM_Parse( &text_p ) ) ) - break; - - historyEditLines[ i ].cursor = atoi( token ); - - if( !*( token = COM_Parse( &text_p ) ) ) - break; - - historyEditLines[ i ].scroll = atoi( token ); - - if( !*( token = COM_Parse( &text_p ) ) ) - break; - - numChars = atoi( token ); - text_p++; - if( numChars > ( strlen( consoleSaveBuffer ) - ( text_p - consoleSaveBuffer ) ) ) - { - Com_DPrintf( S_COLOR_YELLOW "WARNING: probable corrupt history\n" ); - break; - } - Com_Memcpy( historyEditLines[ i ].buffer, - text_p, numChars ); - historyEditLines[ i ].buffer[ numChars ] = '\0'; - text_p += numChars; - - numLines++; + Com_Printf( "Couldn't read %s.\n", CONSOLE_HISTORY_FILE ); + return; } - memmove( &historyEditLines[ 0 ], &historyEditLines[ i + 1 ], - numLines * sizeof( field_t ) ); - for( i = numLines; i < COMMAND_HISTORY; i++ ) - Field_Clear( &historyEditLines[ i ] ); + if( consoleSaveBufferSize <= MAX_CONSOLE_SAVE_BUFFER && + FS_Read( consoleSaveBuffer, consoleSaveBufferSize, f ) == consoleSaveBufferSize ) + { + text_p = consoleSaveBuffer; - historyLine = nextHistoryLine = numLines; + for( i = COMMAND_HISTORY - 1; i >= 0; i-- ) + { + if( !*( token = COM_Parse( &text_p ) ) ) + break; + + historyEditLines[ i ].cursor = atoi( token ); + + if( !*( token = COM_Parse( &text_p ) ) ) + break; + + historyEditLines[ i ].scroll = atoi( token ); + + if( !*( token = COM_Parse( &text_p ) ) ) + break; + + numChars = atoi( token ); + text_p++; + if( numChars > ( strlen( consoleSaveBuffer ) - ( text_p - consoleSaveBuffer ) ) ) + { + Com_DPrintf( S_COLOR_YELLOW "WARNING: probable corrupt history\n" ); + break; + } + Com_Memcpy( historyEditLines[ i ].buffer, + text_p, numChars ); + historyEditLines[ i ].buffer[ numChars ] = '\0'; + text_p += numChars; + + numLines++; + } + + memmove( &historyEditLines[ 0 ], &historyEditLines[ i + 1 ], + numLines * sizeof( field_t ) ); + for( i = numLines; i < COMMAND_HISTORY; i++ ) + Field_Clear( &historyEditLines[ i ] ); + + historyLine = nextHistoryLine = numLines; + } + else + Com_Printf( "Couldn't read %s.\n", CONSOLE_HISTORY_FILE ); + + FS_FCloseFile( f ); } /* @@ -1441,8 +1455,9 @@ so that it persists across invocations of q3 */ void CL_SaveConsoleHistory( void ) { - int i; - int lineLength, saveBufferLength, additionalLength; + int i; + int lineLength, saveBufferLength, additionalLength; + fileHandle_t f; consoleSaveBuffer[ 0 ] = '\0'; @@ -1454,8 +1469,8 @@ void CL_SaveConsoleHistory( void ) lineLength = strlen( historyEditLines[ i ].buffer ); saveBufferLength = strlen( consoleSaveBuffer ); - //ICK "seta cl_consoleHistory " + "%d %d %d " = 23 + 13 = 36 - additionalLength = lineLength + 36; + //ICK + additionalLength = lineLength + strlen( "999 999 999 " ); if( saveBufferLength + additionalLength < MAX_CONSOLE_SAVE_BUFFER ) { @@ -1473,5 +1488,17 @@ void CL_SaveConsoleHistory( void ) } while( i != ( nextHistoryLine - 1 ) % COMMAND_HISTORY ); - Cvar_Set( "cl_consoleHistory", consoleSaveBuffer ); + consoleSaveBufferSize = strlen( consoleSaveBuffer ); + + f = FS_FOpenFileWrite( CONSOLE_HISTORY_FILE ); + if( !f ) + { + Com_Printf( "Couldn't write %s.\n", CONSOLE_HISTORY_FILE ); + return; + } + + if( FS_Write( consoleSaveBuffer, consoleSaveBufferSize, f ) < consoleSaveBufferSize ) + Com_Printf( "Couldn't write %s.\n", CONSOLE_HISTORY_FILE ); + + FS_FCloseFile( f ); }