authorthilo <thilo@edf5b092-35ff-0310-97b2-ce42778d08ea>2006-06-16 20:38:08 +0000
committerthilo <thilo@edf5b092-35ff-0310-97b2-ce42778d08ea>2006-06-16 20:38:08 +0000
commit3289134ae36f4389fe8f5c229f79617fab27cd0f (patch)
tree92c8d40977df11bfb04668a3ec59bbdb38f2a040 /code/client
parent1bf90e5ce6b77e61ea5ce01172f14d0916b27a1c (diff)
- Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory.
Reported by Luigi Auriemma. - Moved directory traversal check to a more proper location. - Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances. git-svn-id: svn://svn.icculus.org/quake3/trunk@804 edf5b092-35ff-0310-97b2-ce42778d08ea
Diffstat (limited to 'code/client')
-rw-r--r--code/client/cl_main.c7
1 files changed, 0 insertions, 7 deletions
diff --git a/code/client/cl_main.c b/code/client/cl_main.c
index 12b102d..a2b93b9 100644
--- a/code/client/cl_main.c
+++ b/code/client/cl_main.c
@@ -1444,13 +1444,6 @@ void CL_NextDownload(void) {
else
s = localName + strlen(localName); // point at the nul byte
- // Make sure the server cannot make us write to non-quake3 directories.
- if(strstr(localName, "../") || strstr(localName, "..\\"))
- {
- Com_Error(ERR_DROP, "CL_NextDownload: Invalid download name %s", localName);
- return;
- }
-
CL_BeginDownload( localName, remoteName );
clc.downloadRestart = qtrue;