From 01ad3dda2ad0568b7133e2b90a33a4d77b80f794 Mon Sep 17 00:00:00 2001
From: Alibek Omarov
Date: Sun, 18 Jun 2023 04:44:28 +0300
Subject: [PATCH] engine: server: escape rcon arguments before passing it to command buffer, also use more efficient concatenation
---
 engine/server/sv_client.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/engine/server/sv_client.c b/engine/server/sv_client.c
index b2506857..c7f5b4dc 100644
--- a/engine/server/sv_client.c
+++ b/engine/server/sv_client.c
@@ -1077,6 +1077,7 @@ void SV_RemoteCommand( netadr_t from, sizebuf_t *msg )
 static char outputbuf[2048];
 const char *adr;
 char remaining[1024];
+ char *p = remaining;
 int i;
 if( !rcon_enable.value || !COM_CheckStringEmpty( rcon_password.string ))
@@ -1094,8 +1095,9 @@ void SV_RemoteCommand( netadr_t from, sizebuf_t *msg )
 remaining[0] = 0;
 for( i = 2; i < Cmd_Argc(); i++ )
 {
- Q_strncat( remaining, Cmd_Argv( i ), sizeof( remaining ));
- Q_strncat( remaining, " ", sizeof( remaining ));
+ p += Q_strncpy( p, "\"", sizeof( remaining ) - ( p - remaining ));
+ p += Q_strncpy( p, Cmd_Argv( i ), sizeof( remaining ) - ( p - remaining ));
+ p += Q_strncpy( p, "\" ", sizeof( remaining ) - ( p - remaining ));
 }
 Cmd_ExecuteString( remaining );
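Review bot: In the second hunk nothing keeps `p` inside `remaining`: each `p += Q_strncpy( ... )` trusts the return value, and `sizeof( remaining ) - ( p - remaining )` is evaluated as an unsigned size. If Q_strncpy reports the source length on truncation the way strlcpy does (its definition is not part of this diff, so confirm), `p` ends up past the 1024-byte buffer, the subtraction wraps to a huge size and the following copy writes out of bounds, whereas the removed Q_strncat calls were capped by `sizeof( remaining )`. The fence below tracks the free space explicitly and skips Cmd_ExecuteString when the arguments do not fit, rather than running a truncated command. Separately, Cmd_Argv( i ) is copied between the quotes unchanged, so an argument that itself contains `"` would close the quoting early; it is worth rejecting such arguments here. SV_RemoteCommand starts before and continues after these hunks.

```c
	char	*p = remaining;
	size_t	left = sizeof( remaining );	// free bytes in remaining, terminator included
	int	fits = 1;

	// … unchanged: rcon_enable / rcon_password check and the lines between the hunks …

	remaining[0] = 0;
	for( i = 2; fits && i < Cmd_Argc(); i++ )
	{
		const char	*parts[3] = { "\"", Cmd_Argv( i ), "\" " };
		int	j;

		for( j = 0; fits && j < 3; j++ )
		{
			size_t	n = Q_strncpy( p, parts[j], left );

			if( n >= left )
				fits = 0;	// did not fit: stop before p can leave the buffer
			else
			{
				p += n;
				left -= n;
			}
		}
	}

	if( fits )
		Cmd_ExecuteString( remaining );
```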