From 2657dce9c8bde0347b04e6e93a4d54835c43fe5c Mon Sep 17 00:00:00 2001 From: Spoike Date: Thu, 27 May 2021 11:33:55 +0000 Subject: [PATCH] Fix a couple of crashy issues that were possible with the updates menu. git-svn-id: https://svn.code.sf.net/p/fteqw/code/trunk@5869 fc73d0e0-1445-4013-8a0c-d673dee63da5 --- engine/client/m_download.c | 4 ++-- engine/common/fs.c | 27 +++++++++++++++++++++++++-- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/engine/client/m_download.c b/engine/client/m_download.c index 4113d2c1..55c08707 100644 --- a/engine/client/m_download.c +++ b/engine/client/m_download.c @@ -642,7 +642,7 @@ static qboolean PM_MergePackage(package_t *oldp, package_t *newp) if (newp->previewimage){Z_Free(oldp->previewimage); oldp->previewimage = Z_StrDup(newp->previewimage);} if (newp->signature){Z_Free(oldp->signature); oldp->signature = Z_StrDup(newp->signature);} - if (newp->filesha1){Z_Free(oldp->filesha1); oldp->previewimage = Z_StrDup(newp->filesha1);} + if (newp->filesha1){Z_Free(oldp->filesha1); oldp->filesha1 = Z_StrDup(newp->filesha1);} if (newp->filesha512){Z_Free(oldp->filesha512); oldp->filesha512 = Z_StrDup(newp->filesha512);} if (newp->filesize){oldp->filesize = newp->filesize;} @@ -5120,7 +5120,7 @@ static void MD_Download_UpdateStatus(struct emenu_s *m) if (op->common.iszone) Z_Free(op); } - m->cursoritem = m->selecteditem = NULL; + m->cursoritem = m->selecteditem = m->mouseitem = NULL; info->downloadablessequence = downloadablessequence; info->populated = false; diff --git a/engine/common/fs.c b/engine/common/fs.c index aca35055..96283615 100644 --- a/engine/common/fs.c +++ b/engine/common/fs.c @@ -569,6 +569,7 @@ mirror: qboolean FS_GamedirIsOkay(const char *path) { + char tmp[MAX_QPATH]; if (!*path || strchr(path, '\n') || strchr(path, '\r') || !strcmp(path, ".") || !strcmp(path, "..") || strchr(path, ':') || strchr(path, '/') || strchr(path, '\\') || strchr(path, '$')) { Con_Printf("Illegal path specified: %s\n", path); @@ -585,7 +586,18 @@ qboolean FS_GamedirIsOkay(const char *path) } //some gamedirs should never be used for actual games/mods. Reject them. - if (!Q_strncasecmp(path, "downloads", 9) || !Q_strncasecmp(path, "docs", 4) || !Q_strncasecmp(path, "help", 4)) + if (!Q_strncasecmp(path, "downloads", 9) || //QI stuff uses this for arbitrary downloads. it doesn't make sense as a gamedir. + !Q_strncasecmp(path, "docs", 4) || //don't pollute this + !Q_strncasecmp(path, "help", 4) || //don't pollute this + !Q_strncasecmp(path, "bin", 3) || //if scripts try executing stuff here then we want to make extra sure that we don't allow writing anything within it. + !Q_strncasecmp(path, "lib", 3)) //same deal + { + Con_Printf ("Gamedir should not be \"%s\"\n", path); + return false; + } + + //this checks for system-specific entries. + if (!FS_GetCleanPath(path, true, tmp, sizeof(tmp))) { Con_Printf ("Gamedir should not be \"%s\"\n", path); return false; @@ -1878,7 +1890,7 @@ static const char *FS_GetCleanPath(const char *pattern, qboolean silent, char *o s = pattern; seg = o = outbuf; - if (!pattern) + if (!pattern || !*pattern) { Con_Printf("Error: Empty filename\n"); return NULL; @@ -2433,6 +2445,17 @@ static int QDECL FS_RemoveTreeCallback(const char *fname, qofs_t fsize, time_t m qboolean FS_RemoveTree(searchpathfuncs_t *pathhandle, const char *fname) { //this requires that the searchpath a) supports remove. b) supports listing directories... //path is expected to have a trailing / + + /*char cleaned[MAX_QPATH]; + fname = FS_GetCleanPath(fname, false, cleaned, sizeof(cleaned)); + if (!fname) + return false;*/ + + if (fs_readonly) + return false; + + //FIXME: don't cross filesystems. + //FIXME: remove dir symlinks instead of the target's contents. if (FS_RemoveTreeCallback(fname, 0, 0, NULL, pathhandle)) return true; return false;