okseby/Quake-III-Arena
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

- Fix arbitrary cvar overwrite flaw: http://aluigi.altervista.org/adv.htm

Browse source 
- Add myself to maintainer list :)
This commit is contained in:
Thilo Schulz 2006-07-03 21:37:50 +00:00
parent d42b87ae87
commit 7d51d75b05
6 changed files with 61 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

23
code/client/cl_parse.c
View file

@ -368,16 +368,35 @@ void CL_SystemInfoChanged( void ) {
// scan through all the variables in the systeminfo and locally set cvars to match
s = systemInfo;
while ( s ) {
int cvar_flags;
Info_NextPair( &s, key, value );
if ( !key[0] ) {
break;
}
// ehw!
if ( !Q_stricmp( key, "fs_game" ) ) {
if (!Q_stricmp(key, "fs_game"))
{
if(FS_CheckDirTraversal(value))
{
Com_Printf("WARNING: Server sent invalid fs_game value %s\n", value);
continue;
}
gameSet = qtrue;
}
Cvar_Set( key, value );
if((cvar_flags = Cvar_Flags(key)) == CVAR_NONEXISTENT)
Cvar_Get(key, value, CVAR_SERVER_CREATED | CVAR_ROM);
else
{
// If this cvar may not be modified by a server discard the value.
if(!(cvar_flags & (CVAR_SYSTEMINFO | CVAR_SERVER_CREATED)))
continue;
Cvar_Set(key, value);
}
}
// if game folder should not be set and it is set at the client side
if ( !gameSet && *Cvar_VariableString("fs_game") ) {