r794 - trunk/code/client

DONOTREPLY at icculus.org DONOTREPLY at icculus.org
Wed May 31 20:23:46 EDT 2006


Author: thilo
Date: 2006-05-31 20:23:46 -0400 (Wed, 31 May 2006)
New Revision: 794

Modified:
   trunk/code/client/cl_main.c
Log:
Forgot to check for windows-style path seperator in precaution against directory traversal abuse.


Modified: trunk/code/client/cl_main.c
===================================================================
--- trunk/code/client/cl_main.c	2006-06-01 00:14:56 UTC (rev 793)
+++ trunk/code/client/cl_main.c	2006-06-01 00:23:46 UTC (rev 794)
@@ -1445,7 +1445,7 @@
 			s = localName + strlen(localName); // point at the nul byte
 		
 		// Make sure the server cannot make us write to non-quake3 directories.
-		if(strstr(localName, "../"))
+		if(strstr(localName, "../") || strstr(localName, "..\\"))
 		{
 			Com_Error(ERR_DROP, "CL_NextDownload: Invalid download name %s", localName);
 			return;




More information about the quake3-commits mailing list