r1250 - in trunk/code: botlib client game ui

DONOTREPLY at icculus.org DONOTREPLY at icculus.org
Tue Jan 22 18:44:10 EST 2008 

Author: tma
Date: 2008-01-22 18:44:10 -0500 (Tue, 22 Jan 2008)
New Revision: 1250

Modified:
   trunk/code/botlib/be_aas_main.c
   trunk/code/botlib/l_script.c
   trunk/code/client/cl_cgame.c
   trunk/code/client/cl_main.c
   trunk/code/client/cl_parse.c
   trunk/code/game/ai_dmnet.c
   trunk/code/ui/ui_main.c
Log:
* (bug 3412) %s expansion security patch (DevHC)


Modified: trunk/code/botlib/be_aas_main.c
===================================================================
--- trunk/code/botlib/be_aas_main.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/botlib/be_aas_main.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -62,7 +62,7 @@
 	va_start(arglist, fmt);
 	vsprintf(str, fmt, arglist);
 	va_end(arglist);
-	botimport.Print(PRT_FATAL, str);
+	botimport.Print(PRT_FATAL, "%s", str);
 } //end of the function AAS_Error
 //===========================================================================
 //

Modified: trunk/code/botlib/l_script.c
===================================================================
--- trunk/code/botlib/l_script.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/botlib/l_script.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -1428,6 +1428,6 @@
 #ifdef BSPC
 	sprintf(basefolder, path);
 #else
-	Com_sprintf(basefolder, sizeof(basefolder), path);
+	Com_sprintf(basefolder, sizeof(basefolder), "%s", path);
 #endif
 } //end of the function PS_SetBaseFolder

Modified: trunk/code/client/cl_cgame.c
===================================================================
--- trunk/code/client/cl_cgame.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/client/cl_cgame.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -296,9 +296,9 @@
 		// https://zerowing.idsoftware.com/bugzilla/show_bug.cgi?id=552
 		// allow server to indicate why they were disconnected
 		if ( argc >= 2 )
-			Com_Error (ERR_SERVERDISCONNECT, va( "Server Disconnected - %s", Cmd_Argv( 1 ) ) );
+			Com_Error( ERR_SERVERDISCONNECT, "Server disconnected - %s", Cmd_Argv( 1 ) );
 		else
-			Com_Error (ERR_SERVERDISCONNECT,"Server disconnected\n");
+			Com_Error( ERR_SERVERDISCONNECT, "Server disconnected\n" );
 	}
 
 	if ( !strcmp( cmd, "bcs0" ) ) {

Modified: trunk/code/client/cl_main.c
===================================================================
--- trunk/code/client/cl_main.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/client/cl_main.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -452,7 +452,7 @@
 					time / (float)clc.timeDemoFrames,
 					clc.timeDemoMaxDuration,
 					CL_DemoFrameDurationSDev( ) );
-			Com_Printf( buffer );
+			Com_Printf( "%s", buffer );
 
 			// Write a log of all the frame durations
 			if( cl_timedemoLog && strlen( cl_timedemoLog->string ) > 0 )
@@ -1045,7 +1045,7 @@
 
 	fs = Cvar_Get ("cl_anonymous", "0", CVAR_INIT|CVAR_SYSTEMINFO );
 
-	NET_OutOfBandPrint(NS_CLIENT, cls.authorizeServer, va("getKeyAuthorize %i %s", fs->integer, nums) );
+	NET_OutOfBandPrint(NS_CLIENT, cls.authorizeServer, "getKeyAuthorize %i %s", fs->integer, nums );
 }
 
 /*
@@ -3293,7 +3293,7 @@
 	for (i=3; i<count; i++)
 		buffptr += sprintf( buffptr, " %s", Cmd_Argv(i) );
 
-	NET_OutOfBandPrint( NS_SERVER, to, command );
+	NET_OutOfBandPrint( NS_SERVER, to, "%s", command );
 }
 
 

Modified: trunk/code/client/cl_parse.c
===================================================================
--- trunk/code/client/cl_parse.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/client/cl_parse.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -554,7 +554,7 @@
 
 		if (clc.downloadSize < 0)
 		{
-			Com_Error(ERR_DROP, MSG_ReadString( msg ) );
+			Com_Error( ERR_DROP, "%s", MSG_ReadString( msg ) );
 			return;
 		}
 	}

Modified: trunk/code/game/ai_dmnet.c
===================================================================
--- trunk/code/game/ai_dmnet.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/game/ai_dmnet.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -85,7 +85,7 @@
 	ClientName(bs->client, netname, sizeof(netname));
 	BotAI_Print(PRT_MESSAGE, "%s at %1.1f switched more than %d AI nodes\n", netname, FloatTime(), MAX_NODESWITCHES);
 	for (i = 0; i < numnodeswitches; i++) {
-		BotAI_Print(PRT_MESSAGE, nodeswitch[i]);
+		BotAI_Print(PRT_MESSAGE, "%s", nodeswitch[i]);
 	}
 	BotAI_Print(PRT_FATAL, "");
 }
@@ -102,7 +102,7 @@
 	Com_sprintf(nodeswitch[numnodeswitches], 144, "%s at %2.1f entered %s: %s from %s\n", netname, FloatTime(), node, str, s);
 #ifdef DEBUG
 	if (0) {
-		BotAI_Print(PRT_MESSAGE, nodeswitch[numnodeswitches]);
+		BotAI_Print(PRT_MESSAGE, "%s", nodeswitch[numnodeswitches]);
 	}
 #endif //DEBUG
 	numnodeswitches++;

Modified: trunk/code/ui/ui_main.c
===================================================================
--- trunk/code/ui/ui_main.c	2008-01-19 19:06:25 UTC (rev 1249)
+++ trunk/code/ui/ui_main.c	2008-01-22 23:44:10 UTC (rev 1250)
@@ -4991,7 +4991,7 @@
 			if (Q_stricmpn(skinname, "icon_", 5) == 0 && !(Q_stricmp(skinname,"icon_blue") == 0 || Q_stricmp(skinname,"icon_red") == 0))
 			{
 				if (Q_stricmp(skinname, "icon_default") == 0) {
-					Com_sprintf( scratch, sizeof(scratch), dirptr);
+					Com_sprintf( scratch, sizeof(scratch), "%s", dirptr);
 				} else {
 					Com_sprintf( scratch, sizeof(scratch), "%s/%s",dirptr, skinname + 5);
 				}
@@ -5003,7 +5003,7 @@
 					}
 				}
 				if (!dirty) {
-					Com_sprintf( uiInfo.q3HeadNames[uiInfo.q3HeadCount], sizeof(uiInfo.q3HeadNames[uiInfo.q3HeadCount]), scratch);
+					Com_sprintf( uiInfo.q3HeadNames[uiInfo.q3HeadCount], sizeof(uiInfo.q3HeadNames[uiInfo.q3HeadCount]), "%s", scratch);
 					uiInfo.q3HeadIcons[uiInfo.q3HeadCount++] = trap_R_RegisterShaderNoMip(va("models/players/%s/%s",dirptr,skinname));
 				}
 			}

More information about the quake3-commits mailing list