From 3289134ae36f4389fe8f5c229f79617fab27cd0f Mon Sep 17 00:00:00 2001
From: thilo
Date: Fri, 16 Jun 2006 20:38:08 +0000
Subject: - Fix bug that allows a malicious server to write and overwrite any files in the quake3 directory. Reported by Luigi Auriemma. - Moved directory traversal check to a more proper location. - Added a few sanity checks for checksum/pakname storage to fix a crash that can occur under certain circumstances.
git-svn-id: svn://svn.icculus.org/quake3/trunk@804 edf5b092-35ff-0310-97b2-ce42778d08ea
---
 code/client/cl_main.c | 7 -------
 1 file changed, 7 deletions(-)
(limited to 'code/client')
diff --git a/code/client/cl_main.c b/code/client/cl_main.c
index 12b102d..a2b93b9 100644
--- a/code/client/cl_main.c
+++ b/code/client/cl_main.c
@@ -1444,13 +1444,6 @@ void CL_NextDownload(void) {
 else
 s = localName + strlen(localName); // point at the nul byte
 
- // Make sure the server cannot make us write to non-quake3 directories.
- if(strstr(localName, "../") || strstr(localName, "..\\"))
- {
- Com_Error(ERR_DROP, "CL_NextDownload: Invalid download name %s", localName);
- return;
- }
-
 CL_BeginDownload( localName, remoteName );
 
 clc.downloadRestart = qtrue;
-- 
cgit v1.2.3