From: divverent
Date: Sun, 6 Jan 2008 22:23:39 +0000 (+0000)
Subject: oops... fixed a security issue with expanding aliases
X-Git-Tag: xonotic-v0.1.0preview~2577
X-Git-Url: https://git.rm.cloudns.org/?a=commitdiff_plain;h=2a00971f816fb8d71cb69a4982ec69616f649353;p=xonotic%2Fdarkplaces.git

oops... fixed a security issue with expanding aliases

git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@7929 d7cf8633-e32d-0410-b094-e92efae38249
---

diff --git a/netconn.c b/netconn.c
index 587cdbad..ab96c23f 100755
--- a/netconn.c
+++ b/netconn.c
@@ -1972,6 +1972,10 @@ qboolean RCon_Authenticate(const char *password, const char *s, const char *endp
 if(strcmp(rcon_restricted_password.string, password))
 return false;
 
+ for(text = s; text != endpos; ++text)
+ if(*text > 0 && *text < ' ' || *text == ';')
+ return false; // block possible exploits against the parser/alias expansion
+
 while(s != endpos)
 {
 size_t l = strlen(s);
@@ -1979,26 +1983,6 @@ qboolean RCon_Authenticate(const char *password, const char *s, const char *endp
 {
 text = s;
 
- // THIS MUST MATCH Cmd_TokenizeString FOR SECURITY REASONS
- while (*text && *text <= ' ' && *text != '\r' && *text != '\n')
- text++;
-
- // line endings:
- // UNIX: \n
- // Mac: \r
- // Windows: \r\n
- if (*text == '\n' || *text == '\r')
- {
- // a newline separates commands in the buffer
- if (*text == '\r' && text[1] == '\n')
- text++;
- text++;
- return false;
- }
-
- if (!*text)
- return false;
-
 if (!COM_ParseToken_Console(&text))
 return false;
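Review bot: The filter added in the first hunk, `if(*text > 0 && *text < ' ' || *text == ';')`, mixes `&&` and `||` without parentheses and does not state the rule it enforces, which makes a check guarding the restricted-password path harder to audit than it should be. I would write the condition as `if((*text > 0 && *text < ' ') || *text == ';')` and move the explanation above the loop, for example `// reject control characters (0x01-0x1F) and ';' anywhere between s and endpos; NUL is let through, apparently because it separates entries (see strlen(s) below)`. The comment should also record that this is a denylist applied before tokenizing, so a `;` inside a quoted argument is refused too, and that bytes of 0x80 and above pass the test whether `char` is signed or not. The second hunk removes the block marked as having to match Cmd_TokenizeString, so correctness now depends on COM_ParseToken_Console agreeing with the real command parser, which is not visible on this page. RCon_Authenticate starts and ends outside both hunks.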