From 95309c266f9406fb010e30aa1383efe84082270c Mon Sep 17 00:00:00 2001 From: divverent Date: Wed, 25 Apr 2007 08:38:40 +0000 Subject: [PATCH] prevent abuse by ending netname with a ^: if the name is not a valid colored string, add a ^ if possible, and if there is no space for it, remove the trailing ^ git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@7190 d7cf8633-e32d-0410-b094-e92efae38249 --- host_cmd.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/host_cmd.c b/host_cmd.c index 07c92aa2..de921fdf 100644 --- a/host_cmd.c +++ b/host_cmd.c @@ -737,6 +737,7 @@ cvar_t cl_name = {CVAR_SAVE | CVAR_NQUSERINFOHACK, "_cl_name", "player", "intern void Host_Name_f (void) { int i, j; + qboolean valid_colors; char newName[sizeof(host_client->name)]; if (Cmd_Argc () == 1) @@ -771,6 +772,27 @@ void Host_Name_f (void) // point the string back at updateclient->name to keep it safe strlcpy (host_client->name, newName, sizeof (host_client->name)); + + COM_StringLengthNoColors(host_client->name, &valid_colors); + if(!valid_colors) // NOTE: this also proves the string is not empty, as "" is a valid colored string + { + size_t l; + l = strlen(host_client->name); + if(l < sizeof(host_client->name) - 1) + { + // duplicate the color tag to escape it + host_client->name[i] = STRING_COLOR_TAG; + host_client->name[i+1] = 0; + //Con_DPrintf("abuse detected, adding another trailing color tag\n"); + } + else + { + // remove the last character to fix the color code + host_client->name[l-1] = 0; + //Con_DPrintf("abuse detected, removing a trailing color tag\n"); + } + } + host_client->edict->fields.server->netname = PRVM_SetEngineString(host_client->name); if (strcmp(host_client->old_name, host_client->name)) { -- 2.39.5