[quake3-bugzilla] [Bug 5452] New: SV_ExecuteClientCommand() assumes the str length
bugzilla-daemon at icculus.org
bugzilla-daemon at icculus.org
Fri Mar 23 14:53:37 EDT 2012
https://bugzilla.icculus.org/show_bug.cgi?id=5452
Summary: SV_ExecuteClientCommand() assumes the str length
Product: ioquake3
Version: SVN HEAD
Platform: PC
OS/Version: Windows Vista
Status: NEW
Severity: minor
Priority: P3
Component: Misc
AssignedTo: zakk at icculus.org
ReportedBy: lrq3000 at gmail.com
QAContact: quake3-bugzilla at icculus.org
There is a potential bug that may crash the server in sv_client.c
SV_ExecuteClientCommand() function:
if(strcmp(Cmd_Argv(0), "say") && strcmp(Cmd_Argv(0), "say_team") )
Cmd_Args_Sanitize(); //remove \n, \r and ; from string. We
don't do that for say-commands because it makes people mad (understandebly)
VM_Call( gvm, GAME_CLIENT_COMMAND, cl - svs.clients );
The strcmp assumes the client command is at least 3 characters, but if it's
below, it may crash the server. This should be converted to a Q_stricmp or a
Q_strncmp.
--
Configure bugmail: https://bugzilla.icculus.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the quake3-bugzilla
mailing list