This is an automated email from the git hooks/post-receive script.

smcv pushed a commit to annotated tag 1.42d
in repository iortcw.

commit 2116392b158b2c38b5e9a7626b9ee5e12bbcfd29
Author: Donny <m4n4t4...@gmail.com>
Date:   Fri Jun 19 06:06:12 2015 -0400

    All: Fix buffer overflow in CL_CheckForResend
---
 MP/code/client/cl_main.c | 19 ++++---------------
 SP/code/client/cl_main.c | 19 ++++---------------
 2 files changed, 8 insertions(+), 30 deletions(-)

diff --git a/MP/code/client/cl_main.c b/MP/code/client/cl_main.c
index e6410bf..283176e 100644
--- a/MP/code/client/cl_main.c
+++ b/MP/code/client/cl_main.c
@@ -2479,9 +2479,9 @@ Resend a connect message if the last one has timed out
 =================
 */
 void CL_CheckForResend( void ) {
-       int             port, i;
+       int             port;
        char    info[MAX_INFO_STRING];
-       char    data[MAX_INFO_STRING];
+       char    data[MAX_INFO_STRING + 10];
 
        // don't send anything if playing back a demo
        if ( clc.demoplaying ) {
@@ -2535,19 +2535,8 @@ void CL_CheckForResend( void ) {
                Info_SetValueForKey( info, "qport", va("%i", port ) );
                Info_SetValueForKey( info, "challenge", va("%i", clc.challenge 
) );
                
-               strcpy(data, "connect ");
-    // TTimo adding " " around the userinfo string to avoid truncated userinfo 
on the server
-    //   (Com_TokenizeString tokenizes around spaces)
-    data[8] = '"';
-
-               for(i=0;i<strlen(info);i++) {
-                       data[9+i] = info[i];    // + (clc.challenge)&0x3;
-               }
-    data[9+i] = '"';
-               data[10+i] = 0;
-
-    // NOTE TTimo don't forget to set the right data length!
-               NET_OutOfBandData( NS_CLIENT, clc.serverAddress, (byte *) 
&data[0], i+10 );
+               Com_sprintf( data, sizeof(data), "connect \"%s\"", info );
+               NET_OutOfBandData( NS_CLIENT, clc.serverAddress, (byte *) data, 
strlen ( data ) );
                // the most current userinfo has been sent, so watch for any
                // newer changes to userinfo variables
                cvar_modifiedFlags &= ~CVAR_USERINFO;
diff --git a/SP/code/client/cl_main.c b/SP/code/client/cl_main.c
index 40b9941..ca5671f 100644
--- a/SP/code/client/cl_main.c
+++ b/SP/code/client/cl_main.c
@@ -2336,9 +2336,9 @@ Resend a connect message if the last one has timed out
 =================
 */
 void CL_CheckForResend( void ) {
-       int port, i;
+       int             port;
        char info[MAX_INFO_STRING];
-       char data[MAX_INFO_STRING];
+       char    data[MAX_INFO_STRING + 10];
 
        // don't send anything if playing back a demo
        if ( clc.demoplaying ) {
@@ -2391,19 +2391,8 @@ void CL_CheckForResend( void ) {
                Info_SetValueForKey( info, "qport", va( "%i", port ) );
                Info_SetValueForKey( info, "challenge", va( "%i", clc.challenge 
) );
 
-               strcpy(data, "connect ");
-    // TTimo adding " " around the userinfo string to avoid truncated userinfo 
on the server
-    //   (Com_TokenizeString tokenizes around spaces)
-    data[8] = '"';
-
-               for(i=0;i<strlen(info);i++) {
-                       data[9+i] = info[i];    // + (clc.challenge)&0x3;
-               }
-    data[9+i] = '"';
-               data[10+i] = 0;
-
-    // NOTE TTimo don't forget to set the right data length!
-               NET_OutOfBandData( NS_CLIENT, clc.serverAddress, (byte *) 
&data[0], i+10 );
+               Com_sprintf( data, sizeof(data), "connect \"%s\"", info );
+               NET_OutOfBandData( NS_CLIENT, clc.serverAddress, (byte *) data, 
strlen ( data ) );
                // the most current userinfo has been sent, so watch for any
                // newer changes to userinfo variables
                cvar_modifiedFlags &= ~CVAR_USERINFO;

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/pkg-games/iortcw.git

_______________________________________________
Pkg-games-commits mailing list
Pkg-games-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-games-commits

Reply via email to