aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortjw <tjw@edf5b092-35ff-0310-97b2-ce42778d08ea>2007-02-14 23:14:25 +0000
committertjw <tjw@edf5b092-35ff-0310-97b2-ce42778d08ea>2007-02-14 23:14:25 +0000
commit4abb9b0b7511e62de9f548415b484ace2454a3ef (patch)
tree99825c4527cdfddd7b08552b81e646e21d0f56c9
parent8774671902dfe21a637aa1b3a5125ca2b60807dc (diff)
downloadioquake3-aero-4abb9b0b7511e62de9f548415b484ace2454a3ef.tar.gz
ioquake3-aero-4abb9b0b7511e62de9f548415b484ace2454a3ef.zip
* (bug 3027) don't trust the "ip" value in the userinfo string since a client
could set this. disconnect (or disallow connection for) a client that has a userinfo string that's too full for "ip" to be added properly. (Richard Stanway) git-svn-id: svn://svn.icculus.org/quake3/trunk@1043 edf5b092-35ff-0310-97b2-ce42778d08ea
-rw-r--r--code/server/sv_client.c48
1 files changed, 32 insertions, 16 deletions
diff --git a/code/server/sv_client.c b/code/server/sv_client.c
index a0df1ce..71b0386 100644
--- a/code/server/sv_client.c
+++ b/code/server/sv_client.c
@@ -238,6 +238,7 @@ void SV_DirectConnect( netadr_t from ) {
int startIndex;
intptr_t denied;
int count;
+ char *ip;
Com_DPrintf ("SVC_DirectConnect ()\n");
@@ -269,6 +270,19 @@ void SV_DirectConnect( netadr_t from ) {
break;
}
}
+
+ // don't let "ip" overflow userinfo string
+ if ( NET_IsLocalAddress (from) )
+ ip = "localhost";
+ else
+ ip = (char *)NET_AdrToString( from );
+ if( ( strlen( ip ) + strlen( userinfo ) + 4 ) >= MAX_INFO_STRING ) {
+ NET_OutOfBandPrint( NS_SERVER, from,
+ "print\nUserinfo string length exceeded. "
+ "Try removing setu cvars from your config.\n" );
+ return;
+ }
+ Info_SetValueForKey( userinfo, "ip", ip );
// see if the challenge is valid (LAN clients don't need to challenge)
if ( !NET_IsLocalAddress (from) ) {
@@ -285,8 +299,6 @@ void SV_DirectConnect( netadr_t from ) {
NET_OutOfBandPrint( NS_SERVER, from, "print\nNo or bad challenge for address.\n" );
return;
}
- // force the IP key/value pair so the game can filter based on ip
- Info_SetValueForKey( userinfo, "ip", NET_AdrToString( from ) );
ping = svs.time - svs.challenges[i].pingTime;
Com_Printf( "Client %i connecting with %i challenge ping\n", i, ping );
@@ -309,9 +321,6 @@ void SV_DirectConnect( netadr_t from ) {
return;
}
}
- } else {
- // force the "ip" info key to "localhost"
- Info_SetValueForKey( userinfo, "ip", "localhost" );
}
newcl = &temp;
@@ -1165,7 +1174,9 @@ into a more C friendly form.
*/
void SV_UserinfoChanged( client_t *cl ) {
char *val;
+ char *ip;
int i;
+ int len;
// name for C code
Q_strncpyz( cl->name, Info_ValueForKey (cl->userinfo, "name"), sizeof(cl->name) );
@@ -1214,18 +1225,23 @@ void SV_UserinfoChanged( client_t *cl ) {
// TTimo
// maintain the IP information
- // this is set in SV_DirectConnect (directly on the server, not transmitted), may be lost when client updates it's userinfo
// the banning code relies on this being consistently present
- val = Info_ValueForKey (cl->userinfo, "ip");
- if (!val[0])
- {
- //Com_DPrintf("Maintain IP in userinfo for '%s'\n", cl->name);
- if ( !NET_IsLocalAddress(cl->netchan.remoteAddress) )
- Info_SetValueForKey( cl->userinfo, "ip", NET_AdrToString( cl->netchan.remoteAddress ) );
- else
- // force the "ip" info key to "localhost" for local clients
- Info_SetValueForKey( cl->userinfo, "ip", "localhost" );
- }
+ if( NET_IsLocalAddress(cl->netchan.remoteAddress) )
+ ip = "localhost";
+ else
+ ip = (char*)NET_AdrToString( cl->netchan.remoteAddress );
+
+ val = Info_ValueForKey( cl->userinfo, "ip" );
+ if( val[0] )
+ len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
+ else
+ len = strlen( ip ) + 4 + strlen( cl->userinfo );
+
+ if( len >= MAX_INFO_STRING )
+ SV_DropClient( cl, "userinfo string length exceeded" );
+ else
+ Info_SetValueForKey( cl->userinfo, "ip", ip );
+
}