From b24c1a51d34ccd63ffec187690292f5588ced291 Mon Sep 17 00:00:00 2001
From: Alibek Omarov <a1ba.omarov@gmail.com>
Date: Tue, 2 Nov 2021 12:47:26 +0600
Subject: [PATCH] engine: try to mitigate outdated client.dll vulnerabilities

---
 engine/common/cmd.c    | 10 +++++++++-
 engine/common/common.c |  4 ++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/engine/common/cmd.c b/engine/common/cmd.c
index 98765bd7..489a8e61 100644
--- a/engine/common/cmd.c
+++ b/engine/common/cmd.c
@@ -747,7 +747,15 @@ Cmd_AddClientCommand
 */
 int GAME_EXPORT Cmd_AddClientCommand( const char *cmd_name, xcommand_t function )
 {
-	return Cmd_AddCommandEx( __FUNCTION__, cmd_name, function, "client command", CMD_CLIENTDLL );
+	int flags = CMD_CLIENTDLL;
+
+	// a1ba: try to mitigate outdated client.dll vulnerabilities
+	if( !Q_stricmp( cmd_name, "motd_write" ))
+	{
+		flags |= CMD_LOCALONLY;
+	}
+
+	return Cmd_AddCommandEx( __FUNCTION__, cmd_name, function, "client command", flags );
 }
 
 /*
diff --git a/engine/common/common.c b/engine/common/common.c
index 06088642..39cc405c 100644
--- a/engine/common/common.c
+++ b/engine/common/common.c
@@ -886,6 +886,10 @@ pfnCvar_RegisterVariable
 */
 cvar_t *pfnCvar_RegisterClientVariable( const char *szName, const char *szValue, int flags )
 {
+	// a1ba: try to mitigate outdated client.dll vulnerabilities
+	if( !Q_stricmp( szName, "motdfile" ))
+		flags |= FCVAR_LOCALONLY;
+
 	if( FBitSet( flags, FCVAR_GLCONFIG ))
 		return (cvar_t *)Cvar_Get( szName, szValue, flags, va( CVAR_GLCONFIG_DESCRIPTION, szName ));
 	return (cvar_t *)Cvar_Get( szName, szValue, flags|FCVAR_CLIENTDLL, Cvar_BuildAutoDescription( flags|FCVAR_CLIENTDLL ));