From 3289134ae36f4389fe8f5c229f79617fab27cd0f Mon Sep 17 00:00:00 2001
From: thilo <thilo@edf5b092-35ff-0310-97b2-ce42778d08ea>
Date: Fri, 16 Jun 2006 20:38:08 +0000
Subject: - Fix bug that allows a malicious server to write and overwrite any
 files in the quake3 directory.   Reported by Luigi Auriemma. - Moved
 directory traversal check to a more proper location. - Added a few sanity
 checks for checksum/pakname storage to fix a crash that can occur under
 certain circumstances.

git-svn-id: svn://svn.icculus.org/quake3/trunk@804 edf5b092-35ff-0310-97b2-ce42778d08ea
---
 code/client/cl_main.c | 7 -------
 1 file changed, 7 deletions(-)

(limited to 'code/client/cl_main.c')

diff --git a/code/client/cl_main.c b/code/client/cl_main.c
index 12b102d..a2b93b9 100644
--- a/code/client/cl_main.c
+++ b/code/client/cl_main.c
@@ -1444,13 +1444,6 @@ void CL_NextDownload(void) {
 		else
 			s = localName + strlen(localName); // point at the nul byte
 		
-		// Make sure the server cannot make us write to non-quake3 directories.
-		if(strstr(localName, "../") || strstr(localName, "..\\"))
-		{
-			Com_Error(ERR_DROP, "CL_NextDownload: Invalid download name %s", localName);
-			return;
-		}
-
 		CL_BeginDownload( localName, remoteName );
 
 		clc.downloadRestart = qtrue;
-- 
cgit v1.2.3