Ejemplo n.º 1
void trap_SendServerCommand( int clientNum, const char *text ) {
	// JAC - 1022 character fix (rain's hack): a command longer than 1022
	// characters crashes the client that receives it, so such a command is
	// dropped here and recorded in the security log instead of being sent.
	const size_t maxCommandLen = 1022;

	if ( strlen( text ) <= maxCommandLen ) {
		Q_syscall( G_SEND_SERVER_COMMAND, clientNum, text );
		return;
	}

	// The rejected text is passed as a "%s" argument, never as the format
	// string, so '%' sequences inside it are not interpreted.
	// NOTE(review): the text logged here is by definition longer than 1022
	// characters; whether G_SecurityLogPrintf bounds its own buffer is not
	// visible from this function - confirm.
	G_SecurityLogPrintf( "trap_SendServerCommand( %d, ... ) length exceeds 1022.\n", clientNum );
	G_SecurityLogPrintf( "text [%s]\n", text );
}
Ejemplo n.º 2
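static int GLua_SecurityLogPrint( lua_State *L )
{
	// Same thing as GLua_Print, but the output goes to the security log.
	//
	// All Lua arguments are converted with the tostring function pushed by
	// GLua_Push_ToString, concatenated into one buffer, and written to the
	// security log one line at a time. Always returns 0 (no Lua results).
	//
	// The engine print limit is 4096 (MAXPRINTMSG), so each log call carries at
	// most 4094 characters plus the appended '\n'. The original guarded this
	// with assert() only: that aborts a debug server on script-controlled
	// input and is compiled out of release builds, leaving no guard at all.
	// Over-long lines are now split into several log entries instead.
	enum { MAX_LOG_LINE = 4094 };
	char buff[16384] = {0};
	char chunk[MAX_LOG_LINE + 1];
	const char *res;
	const char *line;
	int args = lua_gettop(L);
	int i;

	// Concat all args and use that as the print
	GLua_Push_ToString(L);

	for (i = 1; i <= args; i++)
	{
		lua_pushvalue(L,-1);
		lua_pushvalue(L, i);
		lua_call(L, 1, 1); // Assume this will never error out
		res = lua_tostring(L,-1);
		if (res) {
			// Bounded append: the destination size is passed explicitly.
			Q_strcat(&buff[0], sizeof(buff), res);
		}
		lua_pop(L,1);
	}
	lua_pop(L,1);

	line = &buff[0];
	while ( *line ) {
		size_t len = strcspn( line, "\n" );
		int terminated = ( line[len] == '\n' );

		// An empty line that ends in '\n' is still logged as a blank entry,
		// as before; trailing text without a newline is logged only when
		// non-empty (the outer loop condition covers that case).
		do {
			size_t n = ( len > MAX_LOG_LINE ) ? MAX_LOG_LINE : len;

			memcpy( chunk, line, n );
			chunk[n] = '\0';
			// Script-provided text is passed as a "%s" argument only.
			G_SecurityLogPrintf( "%s\n", chunk );
			line += n;
			len -= n;
		} while ( len > 0 );

		if ( terminated ) {
			line++; // step over the newline that ended this line
		}
	}
	return 0;
}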
Ejemplo n.º 3
	static void USED DoneDL_Handler( client_t *client )
	{
		char tmpIP[NET_ADDRSTRMAXLEN] = {0};

		// fix: the transition to CS_PRIMED is allowed only from CS_CONNECTED.
		if ( client->state == CS_CONNECTED )
		{
			client->state = CS_PRIMED;
			return;
		}

		// Any other state leaves client->state untouched and records the
		// attempt, with the sender's address, in the security log.
		// NOTE(review): client->name is written to the log as-is; whether it
		// has been sanitised (control characters, newlines) before reaching
		// this point is not visible here - confirm.
		NET_AddrToString( tmpIP, sizeof( tmpIP ), &client->netchan.remoteAddress );
		G_SecurityLogPrintf( "Client %d (%s) probably tried \"donedl\" exploit when client->state(%d)!=CS_CONNECTED(%d) [IP: %s]\n", client->gentity->s.number, client->name, client->state, CS_CONNECTED, tmpIP );
	}
Ejemplo n.º 4
	static void USED CheckConnectionlessPacket( const char *cmd, const char *ip )
	{// Truncate the first argument of oversized connectionless commands
		// The const is cast away on purpose: the argument is shortened in
		// place so that later handling sees the truncated string.
		// NOTE(review): assumes ENG_Cmd_Argv never returns NULL - confirm.
		char *arg = (char *)ENG_Cmd_Argv( 1 );
		size_t limit;

		if ( !Q_stricmp( cmd, "getstatus" ) || !Q_stricmp( cmd, "getinfo" ) )
		{
			// 32 chars should be more than enough for the challenge number
			limit = 32;
		}
		else if ( !Q_stricmp( cmd, "connect" ) || !Q_stricmp( cmd, "rcon" ) )
		{
			limit = 980;
		}
		else
		{
			// Every other command is left untouched.
			return;
		}

		if ( strlen( arg ) <= limit )
			return;

		// Cut the argument at the limit and record who sent it. cmd matched
		// one of the four literals above (case-insensitively) to get here.
		arg[limit] = '\0';
		G_SecurityLogPrintf( "Attempted q3infoboom from %s with command %s\n", ip, cmd );
	}
Ejemplo n.º 5
void Svcmd_Say_f( void ) {
	// Fixed-size destination: don't let text be too long for malicious reasons
	char text[MAX_SAY_TEXT] = {0};
	char *joined = NULL;

	// Nothing to say without at least one argument after the command name.
	if ( trap->Argc () < 2 ) {
		return;
	}

	joined = ConcatArgs( 1 );

	// Over-long input is cut in place in the buffer ConcatArgs returned, and
	// the truncated text is recorded in the security log.
	// NOTE(review): the text is logged before "\n\r" are stripped below, so an
	// embedded newline would reach the log - confirm this is acceptable.
	if ( strlen( joined ) >= MAX_SAY_TEXT ) {
		joined[MAX_SAY_TEXT-1] = '\0';
		G_SecurityLogPrintf( "Cmd_Say_f from -1 (server) has been truncated: %s\n", joined );
	}

	// Bounded copy, then replace newline and carriage return with spaces so
	// the message stays on one line of the print command.
	Q_strncpyz( text, joined, sizeof(text) );
	Q_strstrip( text, "\n\r", "  " );

	// -1 is the client number passed for the server-wide message.
	trap->SendServerCommand( -1, va("print \"server: %s\n\"", text ) );
}