- Fix arbitrary cvar overwrite flaw: http://aluigi.altervista.org/adv.htm

- Add myself to maintainer list :)
2006-07-03 21:37:50 +00:00 · 2006-07-03 21:37:50 +00:00 · 7d51d75b05
commit 7d51d75b05
parent d42b87ae87
6 changed files with 61 additions and 3 deletions
--- a/code/qcommon/files.c
+++ b/code/qcommon/files.c
@ -2568,6 +2568,23 @@ qboolean FS_idPak( char *pak, char *base ) {
 	return qfalse;
 }

+/*
+================
+FS_idPak
+
+Check whether the string contains stuff like "../" to prevent directory traversal bugs
+and return qtrue if it does.
+================
+*/
+
+qboolean FS_CheckDirTraversal(const char *checkdir)
+{
+	if(strstr(checkdir, "../") || strstr(checkdir, "..\\"))
+		return qtrue;
+	
+	return qfalse;
+}
+
 /*
 ================
 FS_ComparePaks
@ -2617,7 +2634,7 @@ qboolean FS_ComparePaks( char *neededpaks, int len, qboolean dlstring ) {
 		}

 		// Make sure the server cannot make us write to non-quake3 directories.
-		if(strstr(fs_serverReferencedPakNames[i], "../") || strstr(fs_serverReferencedPakNames[i], "..\\"))
+		if(FS_CheckDirTraversal(fs_serverReferencedPakNames[i]))
                {
 			Com_Printf("WARNING: Invalid download name %s\n", fs_serverReferencedPakNames[i]);
                        continue;