Remove the unused `msg` cvar and server side infrastructure.
In Quake I this coould be used to filter messages by priority. id Software never implemented it for Quake II, it's just a left-over. Remove it. The `msg` cvar was exploited in attacks against the client. A malicious server send a `msg` cvar as stufftext -> it gets saved into the config -> since it's retrivable over the network through the userinfo stuff this can be used to track users, etc.
This commit is contained in:
parent
ce2410079e
commit
81647f79ec
|
@ -68,7 +68,6 @@ cvar_t *rate;
|
||||||
cvar_t *fov;
|
cvar_t *fov;
|
||||||
cvar_t *horplus;
|
cvar_t *horplus;
|
||||||
cvar_t *windowed_mouse;
|
cvar_t *windowed_mouse;
|
||||||
cvar_t *msg;
|
|
||||||
cvar_t *hand;
|
cvar_t *hand;
|
||||||
cvar_t *gender;
|
cvar_t *gender;
|
||||||
cvar_t *gender_auto;
|
cvar_t *gender_auto;
|
||||||
|
@ -533,7 +532,6 @@ CL_InitLocal(void)
|
||||||
name = Cvar_Get("name", "unnamed", CVAR_USERINFO | CVAR_ARCHIVE);
|
name = Cvar_Get("name", "unnamed", CVAR_USERINFO | CVAR_ARCHIVE);
|
||||||
skin = Cvar_Get("skin", "male/grunt", CVAR_USERINFO | CVAR_ARCHIVE);
|
skin = Cvar_Get("skin", "male/grunt", CVAR_USERINFO | CVAR_ARCHIVE);
|
||||||
rate = Cvar_Get("rate", "8000", CVAR_USERINFO | CVAR_ARCHIVE);
|
rate = Cvar_Get("rate", "8000", CVAR_USERINFO | CVAR_ARCHIVE);
|
||||||
msg = Cvar_Get("msg", "1", CVAR_USERINFO | CVAR_ARCHIVE);
|
|
||||||
hand = Cvar_Get("hand", "0", CVAR_USERINFO | CVAR_ARCHIVE);
|
hand = Cvar_Get("hand", "0", CVAR_USERINFO | CVAR_ARCHIVE);
|
||||||
fov = Cvar_Get("fov", "90", CVAR_USERINFO | CVAR_ARCHIVE);
|
fov = Cvar_Get("fov", "90", CVAR_USERINFO | CVAR_ARCHIVE);
|
||||||
horplus = Cvar_Get("horplus", "1", CVAR_ARCHIVE);
|
horplus = Cvar_Get("horplus", "1", CVAR_ARCHIVE);
|
||||||
|
|
|
@ -29,7 +29,6 @@
|
||||||
|
|
||||||
void CL_ParseStatusMessage(void);
|
void CL_ParseStatusMessage(void);
|
||||||
|
|
||||||
extern cvar_t *msg;
|
|
||||||
extern cvar_t *rcon_client_password;
|
extern cvar_t *rcon_client_password;
|
||||||
extern cvar_t *rcon_address;
|
extern cvar_t *rcon_address;
|
||||||
extern cvar_t *cl_timeout;
|
extern cvar_t *cl_timeout;
|
||||||
|
|
|
@ -126,7 +126,6 @@ typedef struct client_s
|
||||||
|
|
||||||
edict_t *edict; /* EDICT_NUM(clientnum+1) */
|
edict_t *edict; /* EDICT_NUM(clientnum+1) */
|
||||||
char name[32]; /* extracted from userinfo, high bits masked */
|
char name[32]; /* extracted from userinfo, high bits masked */
|
||||||
int messagelevel; /* for filtering printed messages */
|
|
||||||
|
|
||||||
/* The datagram is written to by sound calls, prints,
|
/* The datagram is written to by sound calls, prints,
|
||||||
temp ents, etc. It can be harmlessly overflowed. */
|
temp ents, etc. It can be harmlessly overflowed. */
|
||||||
|
|
|
@ -564,14 +564,6 @@ SV_UserinfoChanged(client_t *cl)
|
||||||
{
|
{
|
||||||
cl->rate = 5000;
|
cl->rate = 5000;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* msg command */
|
|
||||||
val = Info_ValueForKey(cl->userinfo, "msg");
|
|
||||||
|
|
||||||
if (strlen(val))
|
|
||||||
{
|
|
||||||
cl->messagelevel = (int)strtol(val, (char **)NULL, 10);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -52,11 +52,6 @@ SV_ClientPrintf(client_t *cl, int level, char *fmt, ...)
|
||||||
va_list argptr;
|
va_list argptr;
|
||||||
char string[1024];
|
char string[1024];
|
||||||
|
|
||||||
if (level < cl->messagelevel)
|
|
||||||
{
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
va_start(argptr, fmt);
|
va_start(argptr, fmt);
|
||||||
vsnprintf(string, sizeof(string), fmt, argptr);
|
vsnprintf(string, sizeof(string), fmt, argptr);
|
||||||
va_end(argptr);
|
va_end(argptr);
|
||||||
|
@ -99,11 +94,6 @@ SV_BroadcastPrintf(int level, char *fmt, ...)
|
||||||
|
|
||||||
for (i = 0, cl = svs.clients; i < maxclients->value; i++, cl++)
|
for (i = 0, cl = svs.clients; i < maxclients->value; i++, cl++)
|
||||||
{
|
{
|
||||||
if (level < cl->messagelevel)
|
|
||||||
{
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (cl->state != cs_spawned)
|
if (cl->state != cs_spawned)
|
||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
|
|
Loading…
Reference in New Issue