[Bug 3767] Some protection from malicious qvms

bugzilla-daemon at icculus.org bugzilla-daemon at icculus.org
Wed Sep 3 17:50:41 EDT 2008


bugzilla at benmachine.co.uk changed:

           What    |Removed                     |Added
Attachment #1853 is|0                           |1
           obsolete|                            |

------- Comment #4 from bugzilla at benmachine.co.uk  2008-09-03 17:50 EDT -------
Created an attachment (id=1854)
 --> (http://bugzilla.icculus.org/attachment.cgi?id=1854&action=view)
Tighter security

This patch prohibits using Cvar_Get to add CVAR_USER_CREATED to an
already-existing variable, which should close the security hole with
It also adds protection to sv_game.c which I omitted the first time.

Configure bugmail: http://bugzilla.icculus.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the quake3-bugzilla mailing list