This is an automated email from the git hooks/post-receive script.
smcv pushed a commit to tag 1.51
in repository iortcw.
commit 30ac4edeb8981ed27014a53d400fd51873b4144f
Author: MAN-AT-ARMS <m4n4t4...@gmail.com>
Date: Thu May 25 10:37:16 2017 -0400
All: Don't load libraries with non-standard file extensions
---
MP/code/client/snd_openal.c | 6 ------
MP/code/qcommon/files.c | 2 +-
MP/code/qcommon/qcommon.h | 2 ++
MP/code/sys/sys_main.c | 11 ++++++++---
MP/code/sys/sys_unix.c | 39 +++++++++++++++++++++++++++++++++++++++
MP/code/sys/sys_win32.c | 21 +++++++++++++++++++++
SP/code/client/snd_openal.c | 6 ------
SP/code/qcommon/files.c | 2 +-
SP/code/qcommon/qcommon.h | 2 ++
SP/code/sys/sys_main.c | 11 ++++++++---
SP/code/sys/sys_unix.c | 41 +++++++++++++++++++++++++++++++++++++++++
SP/code/sys/sys_win32.c | 23 ++++++++++++++++++++---
12 files changed, 143 insertions(+), 23 deletions(-)
diff --git a/MP/code/client/snd_openal.c b/MP/code/client/snd_openal.c
index bdfcc7d..a485015 100644
--- a/MP/code/client/snd_openal.c
+++ b/MP/code/client/snd_openal.c
@@ -2623,12 +2623,6 @@ qboolean S_AL_Init( soundInterface_t *si )
s_alInputDevice = Cvar_Get( "s_alInputDevice", "", CVAR_ARCHIVE |
CVAR_LATCH );
s_alDevice = Cvar_Get("s_alDevice", "", CVAR_ARCHIVE | CVAR_LATCH);
- if ( COM_CompareExtension( s_alDriver->string, ".pk3" ) )
- {
- Com_Printf( "Rejecting DLL named \"%s\"", s_alDriver->string );
- return qfalse;
- }
-
// Load QAL
if( !QAL_Init( s_alDriver->string ) )
{
diff --git a/MP/code/qcommon/files.c b/MP/code/qcommon/files.c
index 7161002..3ad6a8b 100644
--- a/MP/code/qcommon/files.c
+++ b/MP/code/qcommon/files.c
@@ -575,7 +575,7 @@ static void FS_CheckFilenameIsMutable( const char *filename,
const char *function )
{
// Check if the filename ends with the library, QVM, or pk3 extension
- if( COM_CompareExtension( filename, DLL_EXT )
+ if( Sys_DllExtension( filename )
|| COM_CompareExtension( filename, ".qvm" )
|| COM_CompareExtension( filename, ".pk3" ) )
{
diff --git a/MP/code/qcommon/qcommon.h b/MP/code/qcommon/qcommon.h
index 517ff37..699ed5f 100644
--- a/MP/code/qcommon/qcommon.h
+++ b/MP/code/qcommon/qcommon.h
@@ -1194,6 +1194,8 @@ void * QDECL Sys_LoadGameDll( const char *name,
intptr_t (QDECL **entryPoint)(in
intptr_t (QDECL *systemcalls)(intptr_t, ...)
);
void Sys_UnloadDll( void *dllHandle );
+qboolean Sys_DllExtension( const char *name );
+
char *Sys_GetCurrentUser( void );
void QDECL Sys_Error( const char *error, ...) __attribute__ ((noreturn,
format (printf, 1, 2)));
diff --git a/MP/code/sys/sys_main.c b/MP/code/sys/sys_main.c
index f3dc2e9..0843f9e 100644
--- a/MP/code/sys/sys_main.c
+++ b/MP/code/sys/sys_main.c
@@ -500,10 +500,9 @@ void *Sys_LoadDll(const char *name, qboolean useSystemLib)
{
void *dllhandle;
- // Don't load any DLLs that end with the pk3 extension
- if (COM_CompareExtension(name, ".pk3"))
+ if(!Sys_DllExtension(name))
{
- Com_Printf("Rejecting DLL named \"%s\"", name);
+ Com_Printf("Refusing to attempt to load library \"%s\":
Extension not allowed.\n", name);
return NULL;
}
@@ -561,6 +560,12 @@ void *Sys_LoadGameDll(const char *name,
assert(name);
+ if(!Sys_DllExtension(name))
+ {
+ Com_Printf("Refusing to attempt to load library \"%s\":
Extension not allowed.\n", name);
+ return NULL;
+ }
+
Com_Printf( "Loading DLL file: %s\n", name);
libHandle = Sys_LoadLibrary(name);
diff --git a/MP/code/sys/sys_unix.c b/MP/code/sys/sys_unix.c
index 59d9f5b..a84ed70 100644
--- a/MP/code/sys/sys_unix.c
+++ b/MP/code/sys/sys_unix.c
@@ -949,7 +949,46 @@ qboolean Sys_PIDIsRunning( int pid )
return kill( pid, 0 ) == 0;
}
+/*
+=================
+Sys_DllExtension
+
+Check if filename should be allowed to be loaded as a DLL.
+=================
+*/
+qboolean Sys_DllExtension( const char *name ) {
+ const char *p;
+ char c = 0;
+
+ if ( COM_CompareExtension( name, DLL_EXT ) ) {
+ return qtrue;
+ }
+
+ // Check for format of filename.so.1.2.3
+ p = strstr( name, DLL_EXT "." );
+
+ if ( p ) {
+ p += strlen( DLL_EXT );
+
+ // Check if .so is only followed for periods and numbers.
+ while ( *p ) {
+ c = *p;
+ if ( !isdigit( c ) && c != '.' ) {
+ return qfalse;
+ }
+
+ p++;
+ }
+
+ // Don't allow filename to end in a period. file.so.,
file.so.0., etc
+ if ( c != '.' ) {
+ return qtrue;
+ }
+ }
+
+ return qfalse;
+}
/*
==================
diff --git a/MP/code/sys/sys_win32.c b/MP/code/sys/sys_win32.c
index e1e9f37..da23ddb 100644
--- a/MP/code/sys/sys_win32.c
+++ b/MP/code/sys/sys_win32.c
@@ -907,10 +907,31 @@ qboolean Sys_PIDIsRunning( int pid )
return qfalse;
}
+/*
+=================
+Sys_DllExtension
+
+Check if filename should be allowed to be loaded as a DLL.
+=================
+*/
+qboolean Sys_DllExtension( const char *name ) {
+ return COM_CompareExtension( name, DLL_EXT );
+}
+
+/*
+==============
+Sys_GetDLLName
+==============
+*/
char* Sys_GetDLLName( const char *name ) {
return va("%s_mp_" ARCH_STRING DLL_EXT, name);
}
+/*
+==============
+Sys_GetHighQualityCPU
+==============
+*/
int Sys_GetHighQualityCPU() {
return 1;
}
diff --git a/SP/code/client/snd_openal.c b/SP/code/client/snd_openal.c
index c0a70a0..0d6ceaf 100644
--- a/SP/code/client/snd_openal.c
+++ b/SP/code/client/snd_openal.c
@@ -2680,12 +2680,6 @@ qboolean S_AL_Init( soundInterface_t *si )
s_alInputDevice = Cvar_Get( "s_alInputDevice", "", CVAR_ARCHIVE |
CVAR_LATCH );
s_alDevice = Cvar_Get("s_alDevice", "", CVAR_ARCHIVE | CVAR_LATCH);
- if ( COM_CompareExtension( s_alDriver->string, ".pk3" ) )
- {
- Com_Printf( "Rejecting DLL named \"%s\"", s_alDriver->string );
- return qfalse;
- }
-
// Load QAL
if( !QAL_Init( s_alDriver->string ) )
{
diff --git a/SP/code/qcommon/files.c b/SP/code/qcommon/files.c
index e27ee99..260dc95 100644
--- a/SP/code/qcommon/files.c
+++ b/SP/code/qcommon/files.c
@@ -704,7 +704,7 @@ static void FS_CheckFilenameIsMutable( const char *filename,
const char *function )
{
// Check if the filename ends with the library, QVM, or pk3 extension
- if(COM_CompareExtension( filename, DLL_EXT )
+ if( Sys_DllExtension( filename )
|| COM_CompareExtension( filename, ".qvm" )
|| COM_CompareExtension( filename, ".pk3" ) )
{
diff --git a/SP/code/qcommon/qcommon.h b/SP/code/qcommon/qcommon.h
index d6331bf..dbe6283 100644
--- a/SP/code/qcommon/qcommon.h
+++ b/SP/code/qcommon/qcommon.h
@@ -1113,6 +1113,8 @@ void * QDECL Sys_LoadGameDll( const char *name,
intptr_t (QDECL **entryPoint)(in
intptr_t (QDECL *systemcalls)(intptr_t, ...)
);
void Sys_UnloadDll( void *dllHandle );
+qboolean Sys_DllExtension( const char *name );
+
char *Sys_GetCurrentUser( void );
void QDECL Sys_Error( const char *error, ...) __attribute__ ((noreturn,
format (printf, 1, 2)));
diff --git a/SP/code/sys/sys_main.c b/SP/code/sys/sys_main.c
index e591d98..64d1ab8 100644
--- a/SP/code/sys/sys_main.c
+++ b/SP/code/sys/sys_main.c
@@ -500,10 +500,9 @@ void *Sys_LoadDll(const char *name, qboolean useSystemLib)
{
void *dllhandle;
- // Don't load any DLLs that end with the pk3 extension
- if (COM_CompareExtension(name, ".pk3"))
+ if(!Sys_DllExtension(name))
{
- Com_Printf("Rejecting DLL named \"%s\"", name);
+ Com_Printf("Refusing to attempt to load library \"%s\":
Extension not allowed.\n", name);
return NULL;
}
@@ -561,6 +560,12 @@ void *Sys_LoadGameDll(const char *name,
assert(name);
+ if(!Sys_DllExtension(name))
+ {
+ Com_Printf("Refusing to attempt to load library \"%s\":
Extension not allowed.\n", name);
+ return NULL;
+ }
+
Com_DPrintf( "Loading DLL file: %s\n", name);
libHandle = Sys_LoadLibrary(name);
diff --git a/SP/code/sys/sys_unix.c b/SP/code/sys/sys_unix.c
index 1fadd39..690c81d 100644
--- a/SP/code/sys/sys_unix.c
+++ b/SP/code/sys/sys_unix.c
@@ -950,6 +950,47 @@ qboolean Sys_PIDIsRunning( int pid )
}
/*
+=================
+Sys_DllExtension
+
+Check if filename should be allowed to be loaded as a DLL.
+=================
+*/
+qboolean Sys_DllExtension( const char *name ) {
+ const char *p;
+ char c = 0;
+
+ if ( COM_CompareExtension( name, DLL_EXT ) ) {
+ return qtrue;
+ }
+
+ // Check for format of filename.so.1.2.3
+ p = strstr( name, DLL_EXT "." );
+
+ if ( p ) {
+ p += strlen( DLL_EXT );
+
+ // Check if .so is only followed for periods and numbers.
+ while ( *p ) {
+ c = *p;
+
+ if ( !isdigit( c ) && c != '.' ) {
+ return qfalse;
+ }
+
+ p++;
+ }
+
+ // Don't allow filename to end in a period. file.so.,
file.so.0., etc
+ if ( c != '.' ) {
+ return qtrue;
+ }
+ }
+
+ return qfalse;
+}
+
+/*
==============
Sys_GetHighQualityCPU
==============
diff --git a/SP/code/sys/sys_win32.c b/SP/code/sys/sys_win32.c
index 0952907..e276336 100644
--- a/SP/code/sys/sys_win32.c
+++ b/SP/code/sys/sys_win32.c
@@ -849,6 +849,26 @@ qboolean Sys_PIDIsRunning( int pid )
}
/*
+=================
+Sys_DllExtension
+
+Check if filename should be allowed to be loaded as a DLL.
+=================
+*/
+qboolean Sys_DllExtension( const char *name ) {
+ return COM_CompareExtension( name, DLL_EXT );
+}
+
+/*
+==============
+Sys_GetDLLName
+==============
+*/
+char* Sys_GetDLLName( const char *name ) {
+ return va("%s_sp_" ARCH_STRING DLL_EXT, name);
+}
+
+/*
==============
Sys_GetHighQualityCPU
==============
@@ -912,6 +932,3 @@ void Sys_OpenURL( char *url, qboolean doexit ) {
// NERVE - SMF
}
//----(SA) end
-char* Sys_GetDLLName( const char *name ) {
- return va("%s_sp_" ARCH_STRING DLL_EXT, name);
-}
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-games/iortcw.git
_______________________________________________
Pkg-games-commits mailing list
Pkg-games-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-games-commits
