From: divverent <divverent@d7cf8633-e32d-0410-b094-e92efae38249>
Date: Sat, 7 Nov 2009 11:37:56 +0000 (+0000)
Subject: fix config.cfg writing (properly escape cvar names and values) to fix seta exploits
X-Git-Tag: xonotic-v0.1.0preview~1198
X-Git-Url: https://git.rm.cloudns.org/?a=commitdiff_plain;h=cdc40956d38987591a9bdaf199fa0f9fcc6eb989;p=xonotic%2Fdarkplaces.git

fix config.cfg writing (properly escape cvar names and values) to fix seta exploits


git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@9444 d7cf8633-e32d-0410-b094-e92efae38249
---

diff --git a/cvar.c b/cvar.c
index 47af3757..125f554b 100644
--- a/cvar.c
+++ b/cvar.c
@@ -653,11 +653,16 @@ with the archive flag set to true.
 void Cvar_WriteVariables (qfile_t *f)
 {
 	cvar_t	*var;
+	char buf1[MAX_INPUTLINE], buf2[MAX_INPUTLINE];
 
 	// don't save cvars that match their default value
 	for (var = cvar_vars ; var ; var = var->next)
 		if ((var->flags & CVAR_SAVE) && (strcmp(var->string, var->defstring) || (var->flags & CVAR_ALLOCATED)))
-			FS_Printf(f, "%s%s \"%s\"\n", var->flags & CVAR_ALLOCATED ? "seta " : "", var->name, var->string);
+		{
+			Cmd_QuoteString(buf1, sizeof(buf1), var->name, "\"\\$");
+			Cmd_QuoteString(buf2, sizeof(buf2), var->string, "\"\\$");
+			FS_Printf(f, "%s\"%s\" \"%s\"\n", var->flags & CVAR_ALLOCATED ? "seta " : "", buf1, buf2);
+		}
 }