Commit graph

552 commits

Author SHA1 Message Date
Zack Middleton
c0c4385122 Merge branch 'codec/mp3' into game/eliteforce 2018-03-03 22:58:53 -06:00
Zack Middleton
0704abe5ec Add libmad source to internal source tree
Modified to fit into Quake 3 build system and use q_platform.h instead of
configure.
2018-03-03 22:47:09 -06:00
Zack Middleton
3d85ba00b1 Merge branch 'master' into codec/mp3
Conflicts:
	Makefile
2018-03-03 22:44:15 -06:00
Zack Middleton
e45538b1c5 Merge branch 'master' into game/eliteforce
Conflicts:
	README.md
	code/server/sv_client.c
2018-03-03 19:27:28 -06:00
Zack Middleton
738465d677 Revert my recent cvar latch changes
My cvar latch system changes prevent the Game VM from changing
g_gametype when the value is out of range due to it being registed in
the engine. It's been pointed out as fragile method of security, which
was still exploitable, by Noah Metzger (Chomenor). It doesn't seem like
this is working out to be a good solution.

The issue of fs_game '..' on server being relicated on client via
systeminfo exploit is still fixed as it's not affected by latch.
There are a few cases from current values of fs_game are used which
ideally should use fs_gamedir char array which has been validated.

Revert "Don't let VMs change engine latch cvars immediately"
Partially revert "Fix fs_game '..' reading outside of home and base path"
Revert "Fix VMs forcing engine latch cvar to update to latched value"
2018-01-21 22:45:46 -06:00
Zack Middleton
3638f69dff Fix fs_game '..' reading outside of home and base path
VMs could set fs_game to '..' at anytime to access files outside of home
and base path. fs_game sent by server to clients could also be '..' to
access files outside of home and base path.

'..' was not caught by FS_CheckDirTraversal() as it expects filenames
not a single directory.

I've made fs_game be latched to prevent VMs from changing it with no
good way to validate it before it's used. com_basegame and fs_basegame
are now latched as well.

Additionally, it's now possible to change com_basegame while the engine
is running. game_restart or vid_restart will make it take affect.
com_homepath is now CVAR_PROTECTED to prevent VMs from changing it
to a directory traversal.

This requires my two previous commits for preventing VMs from changing
engine latch cvars and only Cvar_Get fs_game in FS_Startup (so CVAR_INIT
isn't added in serveral other places).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:28 -06:00
Zack Middleton
adef4e6c9e Don't register fs_game cvar everywhere just to get the value 2018-01-21 06:02:08 -06:00
Thomas Köppe
ed1794fe17 Change shift expressions to unsigned types. Shifting signed values to
a result that is not representable has undefined behaviour.
2018-01-21 06:01:50 -06:00
Edward Betts
fe42b8653d Correct spelling mistakes. 2017-11-22 01:40:20 -06:00
Zack Middleton
2bcc90fca9 Fix globalservers for Elite Force
Vanilla Q3 UI doesn't list multiple master servers. ioquake3 changed
globalservers 0 to be all masters so they show in Q3 UI, moving single
masters from 0-4 to 1-5.

Vanilla Elite Force on the other hand, uses 0-4 for separate master
servers. So restore that behavior.
2017-09-18 00:32:54 -05:00
Zack Middleton
f4edc947b5 Make changing com_gamename use dpmaster protocol instead of efmaster 2017-09-18 00:13:27 -05:00
Zack Middleton
d7b202d4eb Fix set but unused variable 'type' warning 2017-09-17 23:49:28 -05:00
Zack Middleton
4837f4619e Merge branch 'master' into game/eliteforce
Conflicts:
	code/client/cl_main.c
	code/qcommon/common.c
	code/qcommon/files.c
	code/qcommon/msg.c
	code/qcommon/q_shared.h
	code/renderercommon/tr_common.h
	code/renderergl2/tr_extensions.c
	code/sdl/sdl_glimp.c
2017-09-17 23:16:55 -05:00
Zack Middleton
c2ce1c2f51 Make client for Windows x86_64 use OpenAL64.dll by default
ioquake3.x86_64.exe can't load x86 OpenAL32.dll. Using separate
library names allows shipping OpenAL for both architectures.

Though since the dll name is saved in the config file, using both
clients on the same computer will cause one client arch to always
try to load the wrong OpenAL dll and then fallback to the correct
default OpenAL dll. I guess it could be fixed by using separate
cvar names for s_alDriver.
2017-09-04 20:34:55 -05:00
Mickaël Thomas
bae86208f9 Only allow safe protocols for cURL downloads
A malicious server could abuse dangerous protocols such as gopher:// to,
for instance, send mail via SMTP.
2017-08-15 21:47:27 -05:00
Zack Middleton
2d6171f44c Remove CVAR_PROTECTED from cl_renderer
Setting cl_renderer isn't a security concern and valid behavior for
a menu to provide. Sys_LoadDLL ensures only libries are loaded and
engine prevents QVMs from writing them.
2017-08-02 14:50:22 -05:00
MAN-AT-ARMS
e07ffa715c Update internal curl to 7.54.0 2017-07-28 16:32:22 +01:00
Zack Middleton
9f239d647b Make 'globalservers 0' fetch all masters
This commit fixes the vanilla Q3 UI VMs not displaying a server list
when id Software's master server is down.

Originally master 0 for the globalservers command was Internet and
master 1 was MPlayer (defunct). In 2008 ioquake3 changed it so that
master 0 to 4 were five separate master servers with no affect on
original Quake3/Team Arena UI VMs; they continued to get the server
list from master.quake3arena.com.

id Software's master server (master.quake3arena.com) goes down
occasionally. Using ioq3's UI VM additional master servers can be
accessed but players using the original UI VMs are unable to get a
server list.

In order to fix the original UI VMs in Quake3/Team Arena's pk3s this
commit makes 'globalservers 0' fetch all master servers. So players
get a combined list of id Software's and ioquake3's master list. Or
just ioquake3's list if id Software's master is down.

Getting lists from individual master servers using globalservers has
changed from 0 through 4 to 1 through 5 to accommodate using 0 for
other purposes. This commit modifies ioq3's UI code to support the new
values for globalservers command.

A side affect of these changes is that UI VMs based on ioq3 since 2008
will have Internet1 fetch all master servers and Internet2 request
sv_master1 instead of sv_master2 and so on. It may be worth noting that
getting server list from masters 3-5 could not be done using ioq3's UI
before 2011.
2017-07-20 15:39:51 -05:00
Zack Middleton
51ca4d35ea Fix misleading-indentation warnings in cl_cin.c 2017-07-09 14:01:41 -05:00
Zack Middleton
e9436abff0 Only allow connectionless print/echo from server/rcon address
Reported by Ensiform.
2017-06-10 19:15:26 -05:00
Zack Middleton
dfce71929a Add con_autochat and con_autoclear cvars 2017-06-08 15:46:19 -05:00
Zack Middleton
0b853a659a Make Team Arena server list sub-sort clients by max clients
The player column in Team Arena UI lists clients and max clients
in format of "clients [maxclients]". When sorting by clients the
max clients is ignored which results in player column being
disorganized.

When servers have the same number of clients, sort based on max
clients. Otherwise client sort is sub-sorted based on order of
getinfo responses (ping).
2017-06-01 17:24:06 -05:00
Zack Middleton
8a50e2aa09 Don't repeat alt+enter key event
Holding alt+enter should not continuously toggle fullscreen mode.
2017-05-29 16:41:03 -05:00
Zack Middleton
024a8842bd Fix compiling debug code for writing VoIP data 2017-05-29 09:54:39 -05:00
Zack Middleton
eecc8326a0 Save connect and playdemo argument before calling CL_Disconnect()
Save argument instead of using a pointer to cmd token memory that
might be overwritten when Cmd_TokenizeString() is called.

No known method for causing the issue without engine changes.
Cmd_TokenizeString() is called by FS_PureServerSetReferencedPaks()
in CL_Disconnect() but it's not an issue because the string is
blank.

Thanks @mickael9.
2017-05-24 12:46:25 -05:00
Zack Middleton
05858d30e8 Don't load libraries with non-standard file extensions
Also don't allow writting files ending in a library extension such
as ".so.0" or ".dylib.0".
2017-05-24 10:28:46 -05:00
SmileTheory
d4e1a01f33 Remove FS_Read2().
Functionally the same as FS_Read().
Streaming functionality was removed in 672cfbf16f but flag remained.
2017-03-17 04:21:11 -07:00
SmileTheory
b173ac0599 Merge some file writing extension checks from OpenJK.
Thanks Ensiform.
https://github.com/JACoders/OpenJK/commit/05928a57f9e4aae15a3bd0
https://github.com/JACoders/OpenJK/commit/ef124fd0fc48af164581176
2017-03-13 20:44:47 -07:00
SmileTheory
f61fe5f6a0 Don't open .pk3 files as OpenAL drivers. 2017-03-13 20:28:37 -07:00
SmileTheory
376267d534 Don't load .pk3s as .dlls, and don't load user config files from .pk3s. 2017-03-13 14:14:00 -07:00
Tim Angus
d85a544bf2 Merge pull request #230 from fmwviormv/patch-1
reset samplefrac to 8-bits, to prevent overflow
2017-01-25 10:42:49 +00:00
Zack Middleton
978afd7590 Avoid shuting down opus voip codec multiple times 2016-10-09 18:30:19 -05:00
fmwviormv
2ef641b969 reset samplefrac to 8-bits, to prevent overflow
issue: https://github.com/ioquake/ioq3/issues/106
2016-10-07 01:21:15 +03:30
SmileTheory
1246d16834 Default cl_renderer to opengl2. 2016-10-02 20:00:59 -07:00
Simon McVittie
c5b6bb0d4b snd_wavelet: avoid undefined pointer below array bounds
Given an array b[] of length n, pointers to &b[0]..&b[n] are defined
(where only &b[0]..&b[n-1] can be validly dereferenced). &b[-1], or
equivalently b-1, is not something we can use in valid Standard C.

gcc 6 diagnoses this as:

code/client/snd_wavelet.c:33:9: warning: array subscript is below array bounds [-Warray-bounds]

and might take this undefined behaviour as permission to emit
"more efficient" object code that is not what the author expected,
for example nothing at all. Use a macro to fake a 1-based array instead.
2016-09-25 17:13:40 +01:00
SmileTheory
b7f2ebd477 Better gamepad support. 2016-08-08 02:36:10 -07:00
SmileTheory
1972128927 Better defaults for joystick axes.
These changed from SDL1->SDL2 afaict.
2016-08-04 21:31:26 -07:00
Zack Middleton
69f9c7d692 Merge branch 'master' into game/eliteforce
Conflicts:
	Makefile
	code/qcommon/q_shared.h
2016-06-17 02:22:52 -05:00
Zack Middleton
780f0a5d3e Prevent CL_RunCinematic from reading cinTable[-1]
At the end of CL_RunCinematic, RoQShutdown sets currentHandle to -1.
This causes the return at the end to be return cinTable[-1].status.
Use return FMV_EOF when RoQShutdown is called.

I think FMV_EOF should be returned instead of FMV_IDLE which is set in
RoQShutdown because RoQShutdown is clearing out state so it can be reused
for a new cinematic.

The return value isn't actually read by the ioq3 client, renderers,
cgame, or ui.
2016-06-15 13:58:26 -05:00
Victor Roemer
398dea397c Fix Makefile for OSX
Bump base SDK from 10.5 -> 10.7
Just use the builtin __APPLE__
2016-06-12 17:17:33 -04:00
Zack Middleton
8b458e5457 Fix warnings that names passed to Name_PlayerNameCompletion is not const 2016-05-09 10:41:58 -05:00
SmileTheory
41791c662f Fix frame_msec possibly being zero in cl_input.c.
This fixes a mouse freezing bug.
2016-01-29 20:14:35 -08:00
Zack Middleton
8d38e2307c Fix some opus_decode issues
It was able to fail the assert before. I was using opus_decode wrong.
2016-01-06 05:19:10 -06:00
Zack Middleton
615b73288f Use Opus for VoIP
Server/client VoIP protocol is handled by adding new cvars
cl_voipProtocol and sv_voipProtocol, sv_voip and cl_voip
are used to auto set/clear them. All users need to touch
are cl/sv_voip as 0 or 1 just like before.

Old Speex VoIP packets in demos are skipped.
New VoIP packets are skipped in demos if sv_voipProtocol
doesn't match cl_voipProtocol.

Notable difference between usage of speex and opus codecs,
when using Speex client would be sent 80ms at a time.
Using Opus, 60ms is sent at a time. This was changed because
the Opus codec supports encoding up to 60ms at a time.
(Simpler to send only one codec frame in a packet.)
2016-01-06 05:19:10 -06:00
Zachary J. Slater
fe619680f8 Merge pull request #73 from Pan7/sayto
sayto cmd with player name completion
2015-12-28 09:04:19 -08:00
Tim Angus
7e0dac7517 Fix check for empty rconpassword in CL_Rcon_f 2015-10-04 21:11:35 +01:00
Tim Angus
9732f1ba69 Now with less infinite recursion 2015-09-26 10:54:16 +01:00
Tim Angus
c70e10d15e Effectively revert c2e146c1 2015-09-25 22:50:01 +01:00
Tim Angus
ec6916ded5 Fix the wonky fix to the wonky va_list usage 2015-09-09 23:33:36 +01:00
Tim Angus
566e2a18de Fix wonky va_list usage 2015-09-09 22:32:12 +01:00