--- trunk/source/server/sv_user.c 2007/10/19 15:39:07 673
+++ trunk/source/server/sv_user.c 2010/04/01 04:52:26 1685
@@ -323,6 +323,7 @@
extern cvar_t *allow_download_sounds;
extern cvar_t *allow_download_maps;
extern int file_from_pak; // ZOID did file come from pak?
+ int name_length; // For getting the final character.
int offset = 0;
name = Cmd_Argv(1);
@@ -333,6 +334,10 @@
// hacked by zoid to allow more conrol over download
// first off, no .. or global allow check
if (strstr (name, "..") || !allow_download->value
+ // prevent config downloading on Win32 systems
+ || name[0] == '\\'
+ // negative offset causes crashing
+ || offset < 0
// leading dot is no good
|| *name == '.'
// leading slash bad as well, must be in subdir
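Review bot: The new `name[0] == '\\'` test rejects a backslash only in the first position, but on Win32 a backslash is a path separator anywhere in the name, so the subdirectory and extension checks that follow (outside this hunk) may be judging a path whose shape differs from what the filesystem will open. Rejecting the character outright is simpler and stricter: `|| strchr (name, '\\')`, and the same probably applies to `':'` if drive-relative names are a concern. The `offset < 0` guard covers the lower bound only; the code that parses `offset` and the code that uses it are not visible here, so it is worth confirming that an offset past the end of the file is also refused. The `if` condition continues beyond the end of the hunk.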
@@ -354,6 +359,10 @@
return;
}
+ // If the name ends in a slash or dot, hack it off. Continue to do so just
+ // in case some tricky fellow puts multiple slashes or dots.
+ while (name[(name_length = strlen(name))] == '.' || name[name_length] == '/' )
+ name[name_length] = '\0';
if (sv_client->download)
FS_FreeFile (sv_client->download);
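Review bot: The loop added before `if (sv_client->download)` never executes, because `name[strlen(name)]` is always the terminating `'\0'`, so the comparison with `'.'` or `'/'` is false on the first test and trailing dots and slashes stay in the name. Index the last character and guard the empty string instead: `name_length = strlen (name);` followed by `while (name_length > 0 && (name[name_length - 1] == '.' || name[name_length - 1] == '/')) name[--name_length] = '\0';`. `name_length` is declared `int` in the first hunk while `strlen` returns `size_t`; declaring it `size_t` avoids the narrowing conversion. The trim also sits after the name checks of the second hunk, so those checks see the untrimmed string; normalising first and validating the result would mean a name that becomes empty or changes extension after trimming is still rejected. The enclosing function starts and ends outside the hunk.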