Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								2c14f02ee5 
								
							 
						 
						
							
							
								
								Revert "fix" because it was based on wrong assumptions and actually doesn't fix anything at all.  
							
							
							
						 
						
							2006-07-17 19:15:36 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								57a5f2571a 
								
							 
						 
						
							
							
								
								Fix wrong means of death message in server log.  
							
							
							
						 
						
							2006-07-09 16:36:33 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ludwig Nussel 
								
							 
						 
						
							
							
							
							
								
							
							
								6327f1ce47 
								
							 
						 
						
							
							
								
								looks like the interpreter was broken all the time. Didn't anyone  
							
							... 
							
							
							
							notice? 
							
						 
						
							2006-07-06 09:25:17 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								fc244c97ef 
								
							 
						 
						
							
							
								
								Fix critical buffer overflow in cgame, see exploit at  http://www.milw0rm.com/exploits/1977  
							
							
							
						 
						
							2006-07-06 00:37:56 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ludwig Nussel 
								
							 
						 
						
							
							
							
							
								
							
							
								a24ffc0dd5 
								
							 
						 
						
							
							
								
								- print warning if server tries to set cvars it shouldn't set  
							
							... 
							
							
							
							- make warnings yellow 
							
						 
						
							2006-07-05 20:30:53 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								7d51d75b05 
								
							 
						 
						
							
							
								
								- Fix arbitrary cvar overwrite flaw:  http://aluigi.altervista.org/adv.htm  
							
							... 
							
							
							
							- Add myself to maintainer list :) 
							
						 
						
							2006-07-03 21:37:50 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								d42b87ae87 
								
							 
						 
						
							
							
								
								* OpenAL bug fix (from Josh Weisskopf)  
							
							
							
						 
						
							2006-06-17 21:01:57 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								ce0100138c 
								
							 
						 
						
							
							
								
								* Better SDL joystick support (from Erik Auerswald)  
							
							
							
						 
						
							2006-06-17 20:30:38 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								7d657ba62f 
								
							 
						 
						
							
							
								
								* sv_minRate (from R1CH)  
							
							... 
							
							
							
							* [cl|sv]_packetdelay (from tjw) 
							
						 
						
							2006-06-17 19:19:34 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								394c09fa26 
								
							 
						 
						
							
							
								
								Remove chars with ascii value > 127 in MSG_ReadBigString too to make it correspond to the behaviour of WriteBigString.  
							
							
							
						 
						
							2006-06-16 21:44:44 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								e02617ee89 
								
							 
						 
						
							
							
								
								Little fix for the sanity check fix from previous rev...  
							
							
							
						 
						
							2006-06-16 20:47:29 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								813a6ecdc3 
								
							 
						 
						
							
							
								
								- Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory.  
							
							... 
							
							
							
							Reported by Luigi Auriemma.
- Moved directory traversal check to a more proper location.
- Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances. 
							
						 
						
							2006-06-16 20:38:08 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								c9c15562ea 
								
							 
						 
						
							
							
								
								Fix client "freezes" if a user with ASCII characters > 127 enters a server. Reported by tjw  
							
							
							
						 
						
							2006-06-11 14:56:58 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								99abd01c2f 
								
							 
						 
						
							
							
								
								Fix remotely exploitable parse download overflow reported by Luigi Auriemma.  
							
							... 
							
							
							
							See http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046578.html 
for the advisory. 
							
						 
						
							2006-06-04 13:45:53 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								84296bfc2c 
								
							 
						 
						
							
							
								
								Fixed a crash in md4 routines when using them on files with zero length, reported by Lukasz Saduniowski.  
							
							
							
						 
						
							2006-06-01 00:58:19 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								9af85d9378 
								
							 
						 
						
							
							
								
								Forgot to check for windows-style path seperator in precaution against directory traversal abuse.  
							
							
							
						 
						
							2006-06-01 00:23:46 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								503c0a22c6 
								
							 
						 
						
							
							
								
								Partially applied patch from Joerg Dietrich. Fixes:  
							
							... 
							
							
							
							- incorrect handling of file names when opening sound files by name without extension
 - byte endian issues in ogg decoder. 
							
						 
						
							2006-06-01 00:14:56 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ryan C. Gordon 
								
							 
						 
						
							
							
							
							
								
							
							
								997dffc649 
								
							 
						 
						
							
							
								
								Correction in PowerPC JIT code. Fixes crash in server browser, etc, on Mac OS X  
							
							... 
							
							
							
							and probably PowerPC Linux, too...fixes Bugzilla #2519 . 
							
						 
						
							2006-05-29 03:02:54 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								856a397e8c 
								
							 
						 
						
							
							
								
								Prevent servers from making clients download files that are written to non-quake3 directories.  
							
							
							
						 
						
							2006-05-28 14:36:37 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								d2b5dd1e8a 
								
							 
						 
						
							
							
								
								Applied parts of Josh Weisskopf's patch to make naming of executables consistent with Linux.  
							
							
							
						 
						
							2006-05-16 07:11:39 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								e5c0581d52 
								
							 
						 
						
							
							
								
								Added two missing source files to the MSVC project files  
							
							
							
						 
						
							2006-05-16 07:03:36 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								6fe78df757 
								
							 
						 
						
							
							
								
								Fixed missing initialization of idPack and missionPack variables which may result in failure to autodownload files from the server even if legitimate.  
							
							
							
						 
						
							2006-05-15 19:50:44 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								a08a539c10 
								
							 
						 
						
							
							
								
								Fix JIT compiler code execution on NX-protected win32 OS  
							
							
							
						 
						
							2006-05-15 15:57:02 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								27df5fca31 
								
							 
						 
						
							
							
								
								Corrected #include directives of openal headers for MSVC.  
							
							
							
						 
						
							2006-05-13 12:18:43 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								60293f49ee 
								
							 
						 
						
							
							
								
								Fix bug that permits download of arbitrary files from a download enabled server by checking requested file name against the list of loaded pk3 files. See CVE-2006-2082  
							
							
							
						 
						
							2006-05-08 19:53:41 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								fda7db7619 
								
							 
						 
						
							
							
								
								* Fix the MinGW build. Ugh.  
							
							
							
						 
						
							2006-05-06 16:01:41 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								e1c5be3ab0 
								
							 
						 
						
							
							
								
								Added return; statement so it doesn't complain when it receives a remapShader command.  
							
							
							
						 
						
							2006-05-06 12:11:24 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								5ebb75e651 
								
							 
						 
						
							
							
								
								Fix remapShader command in cgame and tweak it in ui.  
							
							
							
						 
						
							2006-05-06 10:54:55 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ludwig Nussel 
								
							 
						 
						
							
							
							
							
								
							
							
								63d2010914 
								
							 
						 
						
							
							
								
								add update_url. Maybe we need it in the future  
							
							
							
						 
						
							2006-05-06 08:46:21 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								d21411452e 
								
							 
						 
						
							
							
								
								Add string length checking to function COM_StripExtension. This fixes the R_RemapShader buffer overflow exploit that can be found here:  
							
							... 
							
							
							
							http://milw0rm.com/exploits/1750  
						
							2006-05-06 01:56:24 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								2675960c2c 
								
							 
						 
						
							
							
								
								removed a space too much after "say_team: " chat prompt.  
							
							
							
						 
						
							2006-05-04 15:37:08 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								1847c321f0 
								
							 
						 
						
							
							
								
								- Added SV_Shutdown to Linux signal handler to ensure that clients don't hang when server gets killed, as suggested by Tony J. White  
							
							... 
							
							
							
							- Added newline to final message sent to clients.
- Added check for whether client is running at all before CL_Shutdown runs through. 
							
						 
						
							2006-05-04 13:59:58 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								2583351211 
								
							 
						 
						
							
							
								
								- Replaced SV_GetPlayerByName with SV_GetPlayerByHandle that supports lookup of client_t structures by playernum, too.  
							
							... 
							
							
							
							That means the ban and kick commands will now accept the playernum - as seen in the status command - as argument. 
							
						 
						
							2006-05-02 21:20:07 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								7b6fe90aad 
								
							 
						 
						
							
							
								
								Fix "Net_CompareAdr: Bad address type" error message when starting a new map with bots.  
							
							
							
						 
						
							2006-05-02 17:53:26 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ludwig Nussel 
								
							 
						 
						
							
							
							
							
								
							
							
								8895df0925 
								
							 
						 
						
							
							
								
								- remove leftover anistropic filtering variables from glconfig_t  
							
							... 
							
							
							
							- check size of glconfig_t to prevent accidential ABI breakage in the future 
							
						 
						
							2006-04-30 15:00:39 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								12a2b7694a 
								
							 
						 
						
							
							
								
								- Fixed incompatibility to original VMs introduced by anisotropic filtering patch.  
							
							... 
							
							
							
							- Removed dependency of flares from tr.identityLight because they are barely visible with r_overbrightbits set to 1 
							
						 
						
							2006-04-30 14:32:56 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								82c4c70535 
								
							 
						 
						
							
							
								
								- Fix r_overBrightBits variable getting ignored on Linux  
							
							... 
							
							
							
							- Replaced SDL_SetGamma by SDL_SetGammaRamp with gamma behaviour now matching win_gamma.c 
							
						 
						
							2006-04-30 13:50:13 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								d475dfef97 
								
							 
						 
						
							
							
								
								* Yet another tweak to the long server uptime bug fix  
							
							
							
						 
						
							2006-04-28 17:31:02 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								55453fd919 
								
							 
						 
						
							
							
								
								Fix for skybox blacklines bug on non-SDL compilations.  
							
							
							
						 
						
							2006-04-27 14:48:35 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								235e2c215f 
								
							 
						 
						
							
							
								
								- Introduced various new typedefs for windows platform (int32_t, int64_t, etc...)  
							
							... 
							
							
							
							- Applied md5 64-bit safety patch by Tony White. 
							
						 
						
							2006-04-27 13:39:41 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								c116695ea7 
								
							 
						 
						
							
							
								
								- "baseq3" literal replacement patch (by Erik Auerswald) applied  
							
							... 
							
							
							
							- Commented setting of the cl_guid cvar because md5.c is not 64-bit safe. 
							
						 
						
							2006-04-26 13:36:58 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								dbdc92d4be 
								
							 
						 
						
							
							
								
								strupr'ing demo filenames breaks demo selection on case sensitive file systems.  
							
							
							
						 
						
							2006-04-26 11:31:18 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								70fca10af2 
								
							 
						 
						
							
							
								
								Replaced various "baseq3" strings with the centrally defined BASEGAME macro.  
							
							
							
						 
						
							2006-04-26 11:27:12 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ludwig Nussel 
								
							 
						 
						
							
							
							
							
								
							
							
								88b2b82b00 
								
							 
						 
						
							
							
								
								SunOS -> sunos (patch by Vincent Cojot)  
							
							
							
						 
						
							2006-04-23 20:59:06 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								31fdab187c 
								
							 
						 
						
							
							
								
								Fix didn't work yet because it didn't use the buffer where the filename extension chop-off is done. D'oh!  
							
							
							
						 
						
							2006-04-23 20:04:42 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								56294e2da8 
								
							 
						 
						
							
							
								
								* Oops  
							
							
							
						 
						
							2006-04-23 18:04:51 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								8aecee5158 
								
							 
						 
						
							
							
								
								* cl_guid for semi-reliable server authentication (from tjw)  
							
							
							
						 
						
							2006-04-22 22:21:56 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								68b9eb3fba 
								
							 
						 
						
							
							
								
								* Anisotropic texture filtering (from Echon)  
							
							
							
						 
						
							2006-04-22 22:14:15 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thilo Schulz 
								
							 
						 
						
							
							
							
							
								
							
							
								40d5eee8ef 
								
							 
						 
						
							
							
								
								Fix prohibits illegal downloading of id PK3 files from servers. That bug is hit by *every* official server release from ID.  
							
							
							
						 
						
							2006-04-22 18:24:50 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Tim Angus 
								
							 
						 
						
							
							
							
							
								
							
							
								ef51968654 
								
							 
						 
						
							
							
								
								* Fix to a bug introduced by the fix to the long server uptime bug  
							
							
							
						 
						
							2006-04-22 15:57:43 +00:00