Commit graph

126 commits

Author SHA1 Message Date
Zack Middleton
3638f69dff Fix fs_game '..' reading outside of home and base path
VMs could set fs_game to '..' at anytime to access files outside of home
and base path. fs_game sent by server to clients could also be '..' to
access files outside of home and base path.

'..' was not caught by FS_CheckDirTraversal() as it expects filenames
not a single directory.

I've made fs_game be latched to prevent VMs from changing it with no
good way to validate it before it's used. com_basegame and fs_basegame
are now latched as well.

Additionally, it's now possible to change com_basegame while the engine
is running. game_restart or vid_restart will make it take affect.
com_homepath is now CVAR_PROTECTED to prevent VMs from changing it
to a directory traversal.

This requires my two previous commits for preventing VMs from changing
engine latch cvars and only Cvar_Get fs_game in FS_Startup (so CVAR_INIT
isn't added in serveral other places).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:28 -06:00
Edward Betts
fe42b8653d Correct spelling mistakes. 2017-11-22 01:40:20 -06:00
Zack Middleton
ead54782d0 Improve client input responsiveness
Move sampling input to the other side of framerate limiter.

Thanks to Alexander "wareya" Nadeau and Juraj "youurayy" Vitko for
pointing this out.
2017-08-21 21:40:54 -05:00
Zack Middleton
d2b1d124d4 Fix/improve buffer overflow in MSG_ReadBits/MSG_WriteBits
Prevent reading past end of message in MSG_ReadBits. If read past
end of msg->data buffer (16348 bytes) the engine could SEGFAULT.
Make MSG_WriteBits use an exact buffer overflow check instead of
possibly failing with a few bytes left.
2017-08-02 14:55:22 -05:00
Zack Middleton
dfce71929a Add con_autochat and con_autoclear cvars 2017-06-08 15:46:19 -05:00
Zack Middleton
05858d30e8 Don't load libraries with non-standard file extensions
Also don't allow writting files ending in a library extension such
as ".so.0" or ".dylib.0".
2017-05-24 10:28:46 -05:00
Max Crofts
7ff610db35 Detect GOG install path 2017-04-07 16:26:26 +10:00
SmileTheory
d4e1a01f33 Remove FS_Read2().
Functionally the same as FS_Read().
Streaming functionality was removed in 672cfbf16f but flag remained.
2017-03-17 04:21:11 -07:00
Zack Middleton
755b2f38f0 Offer post-crash safe settings on a per-mod basis
Offer to restore settings when loading a mod that crashed, not the first
mod that gets loaded after a crash. Before the first mod loaded (usually
baseq3) would get the option even if missionpack or some other mod crashed.

- Make pid files separate for each fs_game.
- Remove/write pid every time switching fs_game.
- Create path before writing pid file otherwise it fails on first run.
- Show mod description.txt or fs_game instead of engine name in abnormal
  exit message.
- Check com_fullyInitialized in Com_Error before removing PID,
  otherwise "ioquake3 --version" segfaults when accessing fs_gamevar->string
  (plus not fully initialized isn't really a normal shutdown).
2016-10-09 18:18:08 -05:00
Victor Roemer
398dea397c Fix Makefile for OSX
Bump base SDK from 10.5 -> 10.7
Just use the builtin __APPLE__
2016-06-12 17:17:33 -04:00
Zack Middleton
8b458e5457 Fix warnings that names passed to Name_PlayerNameCompletion is not const 2016-05-09 10:41:58 -05:00
Zack Middleton
615b73288f Use Opus for VoIP
Server/client VoIP protocol is handled by adding new cvars
cl_voipProtocol and sv_voipProtocol, sv_voip and cl_voip
are used to auto set/clear them. All users need to touch
are cl/sv_voip as 0 or 1 just like before.

Old Speex VoIP packets in demos are skipped.
New VoIP packets are skipped in demos if sv_voipProtocol
doesn't match cl_voipProtocol.

Notable difference between usage of speex and opus codecs,
when using Speex client would be sent 80ms at a time.
Using Opus, 60ms is sent at a time. This was changed because
the Opus codec supports encoding up to 60ms at a time.
(Simpler to send only one codec frame in a packet.)
2016-01-06 05:19:10 -06:00
Zachary J. Slater
fe619680f8 Merge pull request #73 from Pan7/sayto
sayto cmd with player name completion
2015-12-28 09:04:19 -08:00
SmileTheory
f860a753e0 Add Steam's Quake 3 Arena dir to game dirs on Windows. 2015-09-17 02:53:19 -07:00
Tim Angus
f83334d81b Add facility to describe cvars 2014-09-26 14:29:51 +01:00
Pan7
f62d4c7f1c sayto cmd with player name completion 2014-07-18 00:15:05 +02:00
Zack Middleton
baf5737779 Remove function prototypes for non-existant Sys_* DLL functions 2013-11-08 18:44:04 -06:00
Zack Middleton
028f0f1ac4 Remove old comment that FS_Seek doesn't work on zipped files 2013-11-08 18:43:48 -06:00
/dev/humancontroller
120e296a74 fix some OOB enumerator usages
(should be no-op with usual compiler workings)
2013-05-30 15:48:49 -05:00
Zack Middleton
936db459ee Don't allow modifying qvms or pk3s
Exception for allowing pk3s to be downloaded.
2013-04-24 14:11:18 -05:00
Zack Middleton
eef897b3c1 Remove Sys_SnapVector 2013-02-18 19:05:37 -06:00
Zack Middleton
2e45edb550 5717 - Gamecode can open file "" for reading 2013-02-15 21:08:47 -06:00
Zack Middleton
ac621642ac Unify/cleanup max snapshot entities on client and server 2013-02-11 15:49:47 -06:00
Zack Middleton
80b0792980 Remove MSG_WriteDeltaUsercmd and MSG_ReadDeltaUsercmd 2013-02-02 22:26:22 -06:00
Zack Middleton
ad5c5c32a6 REFACTOR [reletive -> relative]
From /dev/humancontroller.
2012-06-18 16:32:03 +00:00
Zachary Slater
b5acc31a4d CVE-2012-3345 2012-06-14 18:28:58 +00:00
Zack Middleton
c211114cb0 #5462 - do not require clients to have a matching qagame.qvm (adapted from OpenArena) 2012-05-07 22:26:03 +00:00
Zack Middleton
7a1efc19a4 Support up to 16 joystick axes, select which to use with j_*_axis cvars. 2012-02-15 18:26:08 +00:00
Zack Middleton
2fbf9d9006 Removed unused functoin Hunk_Trash. 2011-12-08 22:54:45 +00:00
Zack Middleton
5c1ddf4020 Enable zone and hunk debug in debug build. 2011-12-08 22:24:48 +00:00
Thilo Schulz
7eba074ce4 Allow VM_Restart to load unpure qagame.qvm so that local server won't crash after map_restart if server operator has qagame.qvm residing outside pak file (#5196)
Thanks to "rg3" for providing a shell account
2011-09-27 22:16:07 +00:00
Zack Middleton
abe85940ae Disabled getting motd from update server in standalone build. 2011-08-22 20:30:45 +00:00
Tim Angus
85ae08e800 * Fix some grammar in DLL loading
* s/Sys_LoadQVMDll/Sys_LoadGameDll/
2011-08-03 14:32:49 +00:00
Thilo Schulz
8ab91bde8e - Fix already defined command warnings for minimize
- Fix recursive CL_Shutdown warning and "command already defined" warnings when quitting while playing on a server that changed the gamedir.
2011-08-01 10:16:40 +00:00
Thilo Schulz
3752b1d7c4 Change DLL search path order for external libraries that are linked at runtime, like libcurl or libopenal to:
* system library paths
  * executable path
  * fs_basepath
2011-07-29 20:18:37 +00:00
Thilo Schulz
ba385fa43c - Switch master server protocol to dpmaster for better game separation. Based partly on patch by Zack Middleton
- Get rid of ugly cvars sv_heartbeat and cl_gamename and replace with single com_gamename
- Remove sv_flatline. Flatlines are ignored by dpmaster and are considered to be insecure because flatlines can be udp-spoofed.
2011-07-29 13:46:50 +00:00
Thilo Schulz
23f6fd1633 Bug 5094 - Code cleanup, patch by Zack Middleton and DevHC. Fixes unused-but-set gcc warnings 2011-07-29 12:27:00 +00:00
Thilo Schulz
2349148cf1 - Apply parts of Ben Millwood's target bitfield patch (#3787)
- Fix Ryan's FIXME and have voip packet buffer on the server dynamically allocated via Z_Malloc and store pointers in a circular buffer
- Improve voip target parsing on top of Ben Millwood's patch
- Add new "spatial" target where speaker is spatialized in 3d space and can be heard by all clients in hearing range (s_alMaxDistance)
  (#4467)
- Decrease voip sound lengths from 240ms to 80ms per voip packet to mitigate udp packet loss and decrease latency
- Protocol version incremented to 71
2011-07-27 15:47:29 +00:00
Thilo Schulz
9dc32d55e2 Bug 4812 - GCC __attribute__ annotations for printf, non-returning functions etc., patch by linux@youmustbejoking.demon.co.uk and Zack Middleton 2011-07-18 14:56:57 +00:00
Thilo Schulz
e6ba500164 Move rate limiting / queued packet sending logic from Com_Frame() to sv_main.c 2011-07-15 16:51:54 +00:00
Thilo Schulz
ac30d86db0 - Improve snapshot rate and data rate control
- Make server send packet fragments and queued packets when server is idle
- Voip protocol detection is tied to com_protocol making past-end-of-message reading unncessary
- Use Hunk_AllocateTempMemory() for buffering VOIP packets and fix buffering scheme that ryan hates so much
- Disable packet scrambling for new protocol as it is useless now
- Get rid of the old packet scrambling functions predating latest point release
- Use Hunk_AllocateTempMemory() for netchan packet queue to fix memory leak when client gets disconnected with packets in the queue
- Use Hunk_AllocateTempMemory() for download blocks to fix memory leak when client gets disconnected with download blocks in the queue
- Fix SV_RateMsec to account for udp/udp6 packet lengths
2011-07-13 17:11:30 +00:00
Thilo Schulz
e06c117e9e - Implement dual protocol support (#4962)
- Fix several UDP spoofing security issues
2011-07-12 11:59:48 +00:00
Thilo Schulz
e52a492f61 - Greatly improve UDP downloading speed for clients
- Add download rate control cvar sv_dlRate
- Don't send snapshots to downloading clients
2011-07-12 11:01:20 +00:00
Thilo Schulz
d57ba6a57b - Automatically reset fs_game to "" if it was supplied by the user and is equal to com_basegame
- Fix problem where users could change values of CVAR_INIT variables after the call to Cvar_Get() via Com_StartupVariable()
- Move sound shutdown after client shutdown so VMs don't hold invalid sound handles in memory
2011-06-22 23:00:36 +00:00
Thilo Schulz
dee3724a13 - Improve game_restart:
* differing screen resolutions and network settings are now honoured when changing fs_game
  * Fix hunk memory leak on game_restart
  * Move cls.state and cls.servername to clc so connection state is fully preserved over game_restart
  * Revert back to previous fs_game after disconnecting from a server that triggered a game_restart
  * Fix error dialog popping up after every game_restart if an error happened previously (reported by Ensiform)
- Fixed that not all commands added by CL_Init() would be removed by CL_Shutdown()
2011-06-21 11:18:35 +00:00
Thilo Schulz
a5f31084d4 - Fix memory leak in DMA sound after S_Shutdown()
- Make codec load use temp hunk memory instead of zone mem
- Fix sound issues with direct sound and game_restart (#4526)
2011-06-17 23:29:19 +00:00
Thilo Schulz
9219cde4e8 - Small change to search path order - local files not in .pk3s take precedence over files in pk3s. Should make life easier for modders/mappers wanting to override textures that are already contained in some older pk3
- Make VM loading more robust, change loading order: when vm_* == 0 first try loading DLL, then QVM in *each* search directory/path
- Fix FS_FileForHandle that would return a FILE pointer to invalid file handle 0
2011-06-15 22:09:26 +00:00
Thilo Schulz
d34c6b7e0b Revert protocol 69 pending further discussion (#4962) 2011-04-27 20:17:45 +00:00
Thilo Schulz
a5580d8974 - Harden the client and server protocol against UDP spoofing attacks. This will defend ioquake3 against http://aluigi.altervista.org/papers/q3noclient.txt (#3041)
- Retains full compatibility to the old but unsecure protocol between clients and servers
- Harden the connection process against DoS attacks, possibly connected to UDP spoofing
2011-04-27 16:03:35 +00:00
Thilo Schulz
6a203bc8e9 - Fix data alignment issue with glReadPixel call, reported by Guillaume Bougard (#4954)
- Fix data alignment issue in raw AVI recording for weird resolutions (like 1366x768)
2011-04-18 16:06:10 +00:00