YGGverse/xash3d-fwgs
1
0
Fork 0
mirror of https://github.com/YGGverse/xash3d-fwgs.git synced 2025-01-17 18:40:02 +00:00
Code Issues Projects Releases Wiki Activity

engine: allow exec command with config filenames whitelist

Browse Source
This commit is contained in:
Alibek Omarov 2021-11-03 20:28:42 +06:00 committed by a1batross
parent c96f10d40b
commit b93938956e
2 changed files with 41 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
engine/common/common.h
View File

@ -480,6 +480,7 @@ void Cbuf_AddFilteredText( const char *text );
void Cbuf_InsertText( const char *text ); void Cbuf_InsertText( const char *text );
void Cbuf_ExecStuffCmds( void ); void Cbuf_ExecStuffCmds( void );
void Cbuf_Execute (void); void Cbuf_Execute (void);
qboolean Cmd_CurrentCommandIsPrivileged( void );
int Cmd_Argc( void ); int Cmd_Argc( void );
const char *Cmd_Args( void ); const char *Cmd_Args( void );
const char *Cmd_Argv( int arg ); const char *Cmd_Argv( int arg );

46
engine/common/host.c
View File

@ -354,10 +354,11 @@ Host_Exec_f
*/ */
void Host_Exec_f( void ) void Host_Exec_f( void )
{ {
string cfgpath; string cfgpath;
byte *f; byte *f;
char *txt; char *txt;
fs_offset_t len; fs_offset_t len;
char *arg;
if( Cmd_Argc() != 2 ) if( Cmd_Argc() != 2 )
{ {
@ -365,14 +366,47 @@ void Host_Exec_f( void )
return; return;
} }
if( !Q_stricmp( "game.cfg", Cmd_Argv( 1 ))) arg = Cmd_Argv( 1 );
#ifndef XASH_DEDICATED
if( !Cmd_CurrentCommandIsPrivileged() )
{
const char *unprivilegedWhitelist[] =
{
NULL, "mapdefault.cfg", "scout.cfg", "sniper.cfg",
"soldier.cfg", "demoman.cfg", "medic.cfg", "hwguy.cfg",
"pyro.cfg", "spy.cfg", "engineer.cfg", "civilian.cfg"
};
int i;
qboolean allow = false;
unprivilegedWhitelist[0] = va( "%s.cfg", clgame.mapname );
for( i = 0; i < ARRAYSIZE( unprivilegedWhitelist ); i++ )
{
if( !Q_strcmp( arg, unprivilegedWhitelist[i] ))
{
allow = true;
break;
}
}
if( !allow )
{
Con_Printf( "exec %s: not privileged or in whitelist\n", arg );
return;
}
}
#endif // XASH_DEDICATED
if( !Q_stricmp( "game.cfg", arg ))
{ {
// don't execute game.cfg in singleplayer // don't execute game.cfg in singleplayer
if( SV_GetMaxClients() == 1 ) if( SV_GetMaxClients() == 1 )
return; return;
} }
Q_strncpy( cfgpath, Cmd_Argv( 1 ), sizeof( cfgpath )); Q_strncpy( cfgpath, arg, sizeof( cfgpath ));
COM_DefaultExtension( cfgpath, ".cfg" ); // append as default COM_DefaultExtension( cfgpath, ".cfg" ); // append as default
f = FS_LoadFile( cfgpath, &len, false ); f = FS_LoadFile( cfgpath, &len, false );
@ -382,7 +416,7 @@ void Host_Exec_f( void )
return; return;
} }
if( !Q_stricmp( "config.cfg", Cmd_Argv( 1 ))) if( !Q_stricmp( "config.cfg", arg ))
host.config_executed = true; host.config_executed = true;
// adds \n\0 at end of the file // adds \n\0 at end of the file
@ -392,7 +426,7 @@ void Host_Exec_f( void )
Mem_Free( f ); Mem_Free( f );
if( !host.apply_game_config ) if( !host.apply_game_config )
Con_Printf( "execing %s\n", Cmd_Argv( 1 )); Con_Printf( "execing %s\n", arg );
Cbuf_InsertText( txt ); Cbuf_InsertText( txt );
Mem_Free( txt ); Mem_Free( txt );
} }
@ -989,7 +1023,7 @@ void Host_InitCommon( int argc, char **argv, const char *progname, qboolean bCha
Sys_InitLog(); Sys_InitLog();
Cmd_AddRestrictedCommand( "exec", Host_Exec_f, "execute a script file" ); Cmd_AddCommand( "exec", Host_Exec_f, "execute a script file" );
Cmd_AddCommand( "memlist", Host_MemStats_f, "prints memory pool information" ); Cmd_AddCommand( "memlist", Host_MemStats_f, "prints memory pool information" );
Cmd_AddRestrictedCommand( "userconfigd", Host_Userconfigd_f, "execute all scripts from userconfig.d" ); Cmd_AddRestrictedCommand( "userconfigd", Host_Userconfigd_f, "execute all scripts from userconfig.d" );