yquake2
/
yquake2remaster
mirror of https://github.com/yquake2/yquake2remaster.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove the unused `msg` cvar and server side infrastructure. 

In Quake I this coould be used to filter messages by priority. id
Software never implemented it for Quake II, it's just a left-over.
Remove it.

The `msg` cvar was exploited in attacks against the client. A malicious
server send a `msg` cvar as stufftext -> it gets saved into the config
-> since it's retrivable over the network through the userinfo stuff
this can be used to track users, etc.
This commit is contained in:
Yamagi 2023-01-05 18:06:21 +01:00
parent ce2410079e
commit 81647f79ec
5 changed files with 0 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/client/cl_main.c
View File

@ -68,7 +68,6 @@ cvar_t *rate;
cvar_t *fov; cvar_t *fov;
cvar_t *horplus; cvar_t *horplus;
cvar_t *windowed_mouse; cvar_t *windowed_mouse;
cvar_t *msg;
cvar_t *hand; cvar_t *hand;
cvar_t *gender; cvar_t *gender;
cvar_t *gender_auto; cvar_t *gender_auto;
@ -533,7 +532,6 @@ CL_InitLocal(void)
name = Cvar_Get("name", "unnamed", CVAR_USERINFO | CVAR_ARCHIVE); name = Cvar_Get("name", "unnamed", CVAR_USERINFO | CVAR_ARCHIVE);
skin = Cvar_Get("skin", "male/grunt", CVAR_USERINFO | CVAR_ARCHIVE); skin = Cvar_Get("skin", "male/grunt", CVAR_USERINFO | CVAR_ARCHIVE);
rate = Cvar_Get("rate", "8000", CVAR_USERINFO | CVAR_ARCHIVE); rate = Cvar_Get("rate", "8000", CVAR_USERINFO | CVAR_ARCHIVE);
msg = Cvar_Get("msg", "1", CVAR_USERINFO | CVAR_ARCHIVE);
hand = Cvar_Get("hand", "0", CVAR_USERINFO | CVAR_ARCHIVE); hand = Cvar_Get("hand", "0", CVAR_USERINFO | CVAR_ARCHIVE);
fov = Cvar_Get("fov", "90", CVAR_USERINFO | CVAR_ARCHIVE); fov = Cvar_Get("fov", "90", CVAR_USERINFO | CVAR_ARCHIVE);
horplus = Cvar_Get("horplus", "1", CVAR_ARCHIVE); horplus = Cvar_Get("horplus", "1", CVAR_ARCHIVE);

1
src/client/cl_network.c
View File

@ -29,7 +29,6 @@
void CL_ParseStatusMessage(void); void CL_ParseStatusMessage(void);
extern cvar_t *msg;
extern cvar_t *rcon_client_password; extern cvar_t *rcon_client_password;
extern cvar_t *rcon_address; extern cvar_t *rcon_address;
extern cvar_t *cl_timeout; extern cvar_t *cl_timeout;

1
src/server/header/server.h
View File

@ -126,7 +126,6 @@ typedef struct client_s
edict_t *edict; /* EDICT_NUM(clientnum+1) */ edict_t *edict; /* EDICT_NUM(clientnum+1) */
char name[32]; /* extracted from userinfo, high bits masked */ char name[32]; /* extracted from userinfo, high bits masked */
int messagelevel; /* for filtering printed messages */
/* The datagram is written to by sound calls, prints, /* The datagram is written to by sound calls, prints,
temp ents, etc. It can be harmlessly overflowed. */ temp ents, etc. It can be harmlessly overflowed. */

8
src/server/sv_main.c
View File

@ -564,14 +564,6 @@ SV_UserinfoChanged(client_t *cl)
{ {
cl->rate = 5000; cl->rate = 5000;
} }
/* msg command */
val = Info_ValueForKey(cl->userinfo, "msg");
if (strlen(val))
{
cl->messagelevel = (int)strtol(val, (char **)NULL, 10);
}
} }
/* /*

10
src/server/sv_send.c
View File

@ -52,11 +52,6 @@ SV_ClientPrintf(client_t *cl, int level, char *fmt, ...)
va_list argptr; va_list argptr;
char string[1024]; char string[1024];
if (level < cl->messagelevel)
{
return;
}
va_start(argptr, fmt); va_start(argptr, fmt);
vsnprintf(string, sizeof(string), fmt, argptr); vsnprintf(string, sizeof(string), fmt, argptr);
va_end(argptr); va_end(argptr);
@ -99,11 +94,6 @@ SV_BroadcastPrintf(int level, char *fmt, ...)
for (i = 0, cl = svs.clients; i < maxclients->value; i++, cl++) for (i = 0, cl = svs.clients; i < maxclients->value; i++, cl++)
{ {
if (level < cl->messagelevel)
{
continue;
}
if (cl->state != cs_spawned) if (cl->state != cs_spawned)
{ {
continue; continue;