Hi guys. I'm doing some work on the ioquake3 consoles (both in-game and
tty). I came across 2 bugs in cl_keys.c (in-game console).
1. When a player isn't connected to a server and types a command into the
in-game console without a preceding slash, a slash is prepended to the
command. If that existing command without the slash is already at capacity
(255 characters), the last character is dropped, a "\" is prepended, and
the cursor is increased by one. If the cursor was already at the end
(meaning at 255), it's now at 256, which is past the command buffer. This
is a bug. The cursor should stay at 255 in this case.
2. When a player isn't connected to a server and just presses Enter in the
in-game console, a "\" is added to the command history. It's better to not
add anything to the command history if the player pressed Enter on an empty
line.
I also added two comments which don't fix anything. You can read those in
the patch. Tell me what you think.
If there is anything wrong with my patch or you'd like to see a change to
the patch please let me know and I'll work in it some more.
I have more changes on the way having to do with con_tty.c. Those will be
bigger changes. The ones attached here are minor, but important
nonetheless.
- Rambetter
Index: code/client/cl_keys.c
===================================================================
--- code/client/cl_keys.c (revision 1802)
+++ code/client/cl_keys.c (working copy)
@@ -583,14 +583,28 @@
// enter finishes the line
if ( key == K_ENTER || key == K_KP_ENTER ) {
- // if not in the game explicitly prepend a slash if needed
- if ( cls.state != CA_ACTIVE && g_consoleField.buffer[0] != '\\'
- && g_consoleField.buffer[0] != '/' ) {
+ // If not in the game explicitly prepend a slash if needed.
+ // Rambetter might recommend removing this feature. Take the following scenario.
+ // The player types "rconpassword foofoo" (without preceding slash) while not connected.
+ // This changes the rconpassword. Then the player connects and types the same thing.
+ // Oops! The rconpassword is leaked! This has happened many times on many servers.
+ // Think of a good way to prevent that. Not treating strings as commands if they don't
+ // start with a slash would be consistent and safe. That is the way to go I think.
+ if ( cls.state != CA_ACTIVE &&
+ g_consoleField.buffer[0] && // don't add empty line to history
+ g_consoleField.buffer[0] != '\\'
+ && g_consoleField.buffer[0] != '/' ) {
+
char temp[MAX_EDIT_LINE-1];
+ // Bug: This drops the last character from the command buffer if it's at capacity.
Q_strncpyz( temp, g_consoleField.buffer, sizeof( temp ) );
Com_sprintf( g_consoleField.buffer, sizeof( g_consoleField.buffer ), "\\%s", temp );
- g_consoleField.cursor++;
+ if (g_consoleField.cursor < MAX_EDIT_LINE - 1) {
+ g_consoleField.cursor++;
+ }
+ // Otherwise we dropped last character in the command buffer and the
+ // cursor is at the end of the line, so don't increment cursor.
}
Com_Printf ( "]%s\n", g_consoleField.buffer );
_______________________________________________
ioquake3 mailing list
[email protected]
http://lists.ioquake.org/listinfo.cgi/ioquake3-ioquake.org
By sending this message I agree to love ioquake3 and libsdl.
