r1054 - trunk/code/client

DONOTREPLY at icculus.org DONOTREPLY at icculus.org
Sun Apr 1 09:38:18 EDT 2007


Author: tma
Date: 2007-04-01 09:38:17 -0400 (Sun, 01 Apr 2007)
New Revision: 1054

Modified:
   trunk/code/client/cl_keys.c
Log:
* Move storage of console history from a cvar to a file in order to alleviate
  security concerns


Modified: trunk/code/client/cl_keys.c
===================================================================
--- trunk/code/client/cl_keys.c	2007-03-22 22:03:00 UTC (rev 1053)
+++ trunk/code/client/cl_keys.c	2007-04-01 13:38:17 UTC (rev 1054)
@@ -1372,8 +1372,10 @@
 }
 
 // This must not exceed MAX_CMD_LINE
-#define MAX_CONSOLE_SAVE_BUFFER 1024
-static char consoleSaveBuffer[ MAX_CONSOLE_SAVE_BUFFER ];
+#define			MAX_CONSOLE_SAVE_BUFFER	1024
+#define			CONSOLE_HISTORY_FILE    "q3history"
+static char	consoleSaveBuffer[ MAX_CONSOLE_SAVE_BUFFER ];
+static int	consoleSaveBufferSize = 0;
 
 /*
 ================
@@ -1384,51 +1386,63 @@
 */
 void CL_LoadConsoleHistory( void )
 {
-	char		*token, *text_p;
-	int			i, numChars, numLines = 0;
-	cvar_t	*cv;
+	char					*token, *text_p;
+	int						i, numChars, numLines = 0;
+	fileHandle_t	f;
 
-	cv = Cvar_Get( "cl_consoleHistory", "", CVAR_ARCHIVE|CVAR_ROM );
-	Q_strncpyz( consoleSaveBuffer, cv->string, MAX_CONSOLE_SAVE_BUFFER );
+	consoleSaveBufferSize = FS_FOpenFileRead( CONSOLE_HISTORY_FILE, &f, qfalse );
+	if( !f )
+	{
+		Com_Printf( "Couldn't read %s.\n", CONSOLE_HISTORY_FILE );
+		return;
+	}
 
-	text_p = consoleSaveBuffer;
-
-	for( i = COMMAND_HISTORY - 1; i >= 0; i-- )
+	if( consoleSaveBufferSize <= MAX_CONSOLE_SAVE_BUFFER &&
+			FS_Read( consoleSaveBuffer, consoleSaveBufferSize, f ) == consoleSaveBufferSize )
 	{
-		if( !*( token = COM_Parse( &text_p ) ) )
-			break;
+		text_p = consoleSaveBuffer;
 
-		historyEditLines[ i ].cursor = atoi( token );
+		for( i = COMMAND_HISTORY - 1; i >= 0; i-- )
+		{
+			if( !*( token = COM_Parse( &text_p ) ) )
+				break;
 
-		if( !*( token = COM_Parse( &text_p ) ) )
-			break;
+			historyEditLines[ i ].cursor = atoi( token );
 
-		historyEditLines[ i ].scroll = atoi( token );
+			if( !*( token = COM_Parse( &text_p ) ) )
+				break;
 
-		if( !*( token = COM_Parse( &text_p ) ) )
-			break;
+			historyEditLines[ i ].scroll = atoi( token );
 
-		numChars = atoi( token );
-		text_p++;
-		if( numChars > ( strlen( consoleSaveBuffer ) -  ( text_p - consoleSaveBuffer ) ) )
-		{
-			Com_DPrintf( S_COLOR_YELLOW "WARNING: probable corrupt history\n" );
-			break;
+			if( !*( token = COM_Parse( &text_p ) ) )
+				break;
+
+			numChars = atoi( token );
+			text_p++;
+			if( numChars > ( strlen( consoleSaveBuffer ) -	( text_p - consoleSaveBuffer ) ) )
+			{
+				Com_DPrintf( S_COLOR_YELLOW "WARNING: probable corrupt history\n" );
+				break;
+			}
+			Com_Memcpy( historyEditLines[ i ].buffer,
+					text_p, numChars );
+			historyEditLines[ i ].buffer[ numChars ] = '\0';
+			text_p += numChars;
+
+			numLines++;
 		}
-		Com_Memcpy( historyEditLines[ i ].buffer,
-				text_p, numChars );
-		historyEditLines[ i ].buffer[ numChars ] = '\0';
-		text_p += numChars;
 
-		numLines++;
+		memmove( &historyEditLines[ 0 ], &historyEditLines[ i + 1 ],
+				numLines * sizeof( field_t ) );
+		for( i = numLines; i < COMMAND_HISTORY; i++ )
+			Field_Clear( &historyEditLines[ i ] );
+
+		historyLine = nextHistoryLine = numLines;
 	}
+	else
+		Com_Printf( "Couldn't read %s.\n", CONSOLE_HISTORY_FILE );
 
-	memmove( &historyEditLines[ 0 ], &historyEditLines[ i + 1 ],
-			numLines * sizeof( field_t ) );
-	for( i = numLines; i < COMMAND_HISTORY; i++ )
-		Field_Clear( &historyEditLines[ i ] );
-
-	historyLine = nextHistoryLine = numLines;
+	FS_FCloseFile( f );
 }
 
 /*
@@ -1441,8 +1455,9 @@
 */
 void CL_SaveConsoleHistory( void )
 {
-	int i;
-	int	lineLength, saveBufferLength, additionalLength;
+	int						i;
+	int						lineLength, saveBufferLength, additionalLength;
+	fileHandle_t	f;
 
 	consoleSaveBuffer[ 0 ] = '\0';
 
@@ -1454,8 +1469,8 @@
 			lineLength = strlen( historyEditLines[ i ].buffer );
 			saveBufferLength = strlen( consoleSaveBuffer );
 
-			//ICK "seta cl_consoleHistory " + "%d %d %d  " = 23 + 13 = 36
-			additionalLength = lineLength + 36;
+			//ICK
+			additionalLength = lineLength + strlen( "999 999 999	" );
 
 			if( saveBufferLength + additionalLength < MAX_CONSOLE_SAVE_BUFFER )
 			{
@@ -1473,5 +1488,17 @@
 	}
 	while( i != ( nextHistoryLine - 1 ) % COMMAND_HISTORY );
 
-	Cvar_Set( "cl_consoleHistory", consoleSaveBuffer );
+	consoleSaveBufferSize = strlen( consoleSaveBuffer );
+
+	f = FS_FOpenFileWrite( CONSOLE_HISTORY_FILE );
+	if( !f )
+	{
+		Com_Printf( "Couldn't write %s.\n", CONSOLE_HISTORY_FILE );
+		return;
+	}
+
+	if( FS_Write( consoleSaveBuffer, consoleSaveBufferSize, f ) < consoleSaveBufferSize )
+		Com_Printf( "Couldn't write %s.\n", CONSOLE_HISTORY_FILE );
+
+	FS_FCloseFile( f );
 }




More information about the quake3-commits mailing list