From a5ba43ea39e980def67873eab6108e763b91cd30 Mon Sep 17 00:00:00 2001
From: SNMetamorph <25657591+SNMetamorph@users.noreply.github.com>
Date: Tue, 2 Aug 2022 18:57:09 +0400
Subject: [PATCH] engine: fixed vulnerability in NAT bypass mechanism

---
 engine/server/sv_client.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/engine/server/sv_client.c b/engine/server/sv_client.c
index 93a7ae4a..97fd122f 100644
--- a/engine/server/sv_client.c
+++ b/engine/server/sv_client.c
@@ -2268,10 +2268,14 @@ void SV_ConnectionlessPacket( netadr_t from, sizebuf_t *msg )
 	else if( !Q_strcmp( pcmd, "i" )) NET_SendPacket( NS_SERVER, 5, "\xFF\xFF\xFF\xFFj", from ); // A2A_PING
 	else if (!Q_strcmp( pcmd, "c" ))
 	{
-		netadr_t to;
+		qboolean sv_nat = Cvar_VariableInteger( "sv_nat" );
+		if( sv_nat )
+		{
+			netadr_t to;
 
-		if( NET_StringToAdr( Cmd_Argv( 1 ), &to ))
-			SV_Info( to );
+			if( NET_StringToAdr( Cmd_Argv( 1 ), &to ) && !NET_IsReservedAdr( to ))
+				SV_Info( to );
+		}
 	}
 	else if( svgame.dllFuncs.pfnConnectionlessPacket( &from, args, buf, &len ))
 	{