Skip to content

Commit

Permalink
Sanitize the name with a maximum buffer size limit
Browse files Browse the repository at this point in the history
  • Loading branch information
@smallmodel
smallmodel authored Dec 8, 2024
1 parent 5801af3 commit 333c452
Show file tree
Hide file tree
Showing 5 changed files with 9 additions and 6 deletions.
2 changes: 1 addition & 1 deletion code/client/cl_main.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2580,7 +2580,7 @@ void CL_CheckUserinfo( void ) {
// send a reliable userinfo update if needed
if(cvar_modifiedFlags & CVAR_USERINFO)
{
if (Com_SanitizeName(name->string, szSanitizedName)) {
if (Com_SanitizeName(name->string, szSanitizedName, sizeof(szSanitizedName))) {
Cvar_Set("name", szSanitizedName);
}

Expand Down
2 changes: 1 addition & 1 deletion code/fgame/g_client.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -772,7 +772,7 @@ void G_ClientUserinfoChanged(gentity_t *ent, const char *u)

clientnum = ent - g_entities;

if (gi.SanitizeName(s, client->pers.netname)) {
if (gi.SanitizeName(s, client->pers.netname, sizeof(client->pers.netname))) {
gi.Printf("WARNING: had to sanitize the name for client %i\n", clientnum);
}

Expand Down
2 changes: 1 addition & 1 deletion code/fgame/g_public.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -478,7 +478,7 @@ typedef struct gameImport_s {
void (*HudDrawAlpha)(int info, float alpha);
void (*HudDrawString)(int info, const char *string);
void (*HudDrawFont)(int info, const char *fontName);
qboolean (*SanitizeName)(const char *oldName, char *newName);
qboolean (*SanitizeName)(const char *oldName, char *newName, size_t bufferSize);

//
// Added in OPM
Expand Down
7 changes: 5 additions & 2 deletions code/qcommon/common.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2372,11 +2372,14 @@ void Com_Shutdown (void) {

}

qboolean Com_SanitizeName( const char *pszOldName, char *pszNewName )
qboolean Com_SanitizeName( const char *pszOldName, char *pszNewName, size_t bufferSize )
{
int i;
qboolean bBadName = qfalse;
const char *p = pszOldName;
size_t maxLength;

maxLength = (bufferSize / sizeof(char)) - 1;

if( *pszOldName && *pszOldName <= ' ' )
{
Expand All @@ -2389,7 +2392,7 @@ qboolean Com_SanitizeName( const char *pszOldName, char *pszNewName )
}

i = 0;
for( i = 0; *p && *p >= ' '; p++, i++ )
for( i = 0; *p && *p >= ' ' && i < maxLength; p++, i++ )
{
if( *p == '~' || *p == '`' )
{
Expand Down
2 changes: 1 addition & 1 deletion code/qcommon/qcommon.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1155,7 +1155,7 @@ void Com_Init( char *commandLine );
void Com_Frame( void );
void Com_Shutdown( void );

qboolean Com_SanitizeName( const char *pszOldName, char *pszNewName );
qboolean Com_SanitizeName( const char *pszOldName, char *pszNewName, size_t bufferSize );
const char *Com_GetArchiveFileName( const char *filename, const char *extension );
const char *Com_GetArchiveFolder();
void Com_WipeSavegame( const char *savename );
Expand Down

0 comments on commit 333c452

Please sign in to comment.