aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorthilo <thilo@edf5b092-35ff-0310-97b2-ce42778d08ea>2006-07-06 00:37:56 +0000
committerthilo <thilo@edf5b092-35ff-0310-97b2-ce42778d08ea>2006-07-06 00:37:56 +0000
commit658781be5433d156c128f26bb31a59e75abd0c65 (patch)
treee18e971369f4184c99fa84cc84039a2d8c534b1c
parent87c1e45342de332c2564eb76b420736667b929c9 (diff)
downloadioquake3-aero-658781be5433d156c128f26bb31a59e75abd0c65.tar.gz
ioquake3-aero-658781be5433d156c128f26bb31a59e75abd0c65.zip
Fix critical buffer overflow in cgame, see exploit at http://www.milw0rm.com/exploits/1977
git-svn-id: svn://svn.icculus.org/quake3/trunk@813 edf5b092-35ff-0310-97b2-ce42778d08ea
-rw-r--r--code/cgame/cg_main.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/code/cgame/cg_main.c b/code/cgame/cg_main.c
index bfb111c..8d88726 100644
--- a/code/cgame/cg_main.c
+++ b/code/cgame/cg_main.c
@@ -703,7 +703,7 @@ static void CG_RegisterSounds( void ) {
}
// only register the items that the server says we need
- strcpy( items, CG_ConfigString( CS_ITEMS ) );
+ Q_strncpyz(items, CG_ConfigString(CS_ITEMS), sizeof(items));
for ( i = 1 ; i < bg_numItems ; i++ ) {
// if ( items[ i ] == '1' || cg_buildScript.integer ) {
@@ -1016,7 +1016,7 @@ static void CG_RegisterGraphics( void ) {
memset( cg_weapons, 0, sizeof( cg_weapons ) );
// only register the items that the server says we need
- strcpy( items, CG_ConfigString( CS_ITEMS) );
+ Q_strncpyz(items, CG_ConfigString(CS_ITEMS), sizeof(items));
for ( i = 1 ; i < bg_numItems ; i++ ) {
if ( items[ i ] == '1' || cg_buildScript.integer ) {