From 8bcef73b4693bfd28e2c44c4fd627cf4754c2867 Mon Sep 17 00:00:00 2001
From: cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>
Date: Thu, 4 Jun 2020 14:49:55 +0000
Subject: [PATCH] Heap-allocate sessionid cvar's string to avoid stack
 corruption

Previously it was trying to shove the address of a local variable, which
is bad.

git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@12633 d7cf8633-e32d-0410-b094-e92efae38249
---
 host.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/host.c b/host.c
index 9a3d6ace..ae985c50 100644
--- a/host.c
+++ b/host.c
@@ -1112,17 +1112,21 @@ static qboolean locksession_run = false;
 static void Host_InitSession(void)
 {
 	int i;
+	char *buf;
 	Cvar_RegisterVariable(&sessionid);
 	Cvar_RegisterVariable(&locksession);
 
 	// load the session ID into the read-only cvar
 	if ((i = COM_CheckParm("-sessionid")) && (i + 1 < com_argc))
 	{
-		char vabuf[1024];
 		if(com_argv[i+1][0] == '.')
 			Cvar_SetQuick(&sessionid, com_argv[i+1]);
 		else
-			Cvar_SetQuick(&sessionid, va(vabuf, sizeof(vabuf), ".%s", com_argv[i+1]));
+		{
+			buf = (char *)Z_Malloc(strlen(com_argv[i+1]+2));
+			dpsnprintf(buf, sizeof(buf), ".%s", com_argv[i+1]);
+			Cvar_SetQuick(&sessionid, buf);
+		}
 	}
 }
 void Host_LockSession(void)
-- 
2.39.2