Browse Source

Merge pull request #133 from SanyaSho/master

string vulnerabilities
pull/142/head
nillerusr 2 years ago committed by GitHub
parent
commit
cb0e405e0f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      game/client/message.cpp
  2. 6
      game/client/vgui_messagechars.cpp
  3. 20
      game/client/vgui_netgraphpanel.cpp
  4. 2
      game/client/vgui_textmessagepanel.cpp
  5. 4
      game/server/ai_speech.cpp
  6. 2
      game/server/util.cpp
  7. 2
      vgui2/dme_controls/dmedagrenderpanel.cpp

2
game/client/message.cpp

@ -987,7 +987,7 @@ void CHudMessage::AddChar( int r, int g, int b, int a, wchar_t ch )
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
void CHudMessage::GetTextExtents( int *wide, int *tall, const char *string ) void CHudMessage::GetTextExtents( int *wide, int *tall, const char *string )
{ {
*wide = g_pMatSystemSurface->DrawTextLen( m_hFont, (char *)string ); *wide = g_pMatSystemSurface->DrawTextLen( m_hFont, "%s", (char *)string );
*tall = vgui::surface()->GetFontTall( m_hFont ); *tall = vgui::surface()->GetFontTall( m_hFont );
} }

6
game/client/vgui_messagechars.cpp

@ -252,7 +252,7 @@ int CMessageCharsPanel::AddText(
msg->hCustomFont = m_hFont; msg->hCustomFont = m_hFont;
// Return new cursor position // Return new cursor position
return x + g_pMatSystemSurface->DrawTextLen( msg->hCustomFont, data ); return x + g_pMatSystemSurface->DrawTextLen( msg->hCustomFont, "%s", data );
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
@ -272,7 +272,7 @@ void CMessageCharsPanel::GetTextExtents( vgui::HFont hCustomFont, int *wide, int
Assert( hCustomFont ); Assert( hCustomFont );
*wide = g_pMatSystemSurface->DrawTextLen( hCustomFont, (char *)string ); *wide = g_pMatSystemSurface->DrawTextLen( hCustomFont, "%s", (char *)string );
*tall = vgui::surface()->GetFontTall( hCustomFont ); *tall = vgui::surface()->GetFontTall( hCustomFont );
} }
@ -310,7 +310,7 @@ void CMessageCharsPanel::Paint()
CMessageCharsPanel::message_t *msg = m_pActive; CMessageCharsPanel::message_t *msg = m_pActive;
while ( msg ) while ( msg )
{ {
g_pMatSystemSurface->DrawColoredText( msg->hCustomFont, msg->x, msg->y, msg->r, msg->g, msg->b, msg->a, msg->text ); g_pMatSystemSurface->DrawColoredText( msg->hCustomFont, msg->x, msg->y, msg->r, msg->g, msg->b, msg->a, "%s", msg->text );
msg = msg->next; msg = msg->next;
} }

20
game/client/vgui_netgraphpanel.cpp

@ -734,7 +734,7 @@ void CNetGraphPanel::DrawTextFields( int graphvalue, int x, int y, int w, netban
Q_snprintf( sz, sizeof( sz ), "fps:%4i ping: %i ms", (int)(1.0f / m_Framerate), (int)(m_AvgLatency*1000.0f) ); Q_snprintf( sz, sizeof( sz ), "fps:%4i ping: %i ms", (int)(1.0f / m_Framerate), (int)(m_AvgLatency*1000.0f) );
g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, "%s", sz );
// Draw update rate // Draw update rate
DrawUpdateRate( x + w, y ); DrawUpdateRate( x + w, y );
@ -757,7 +757,7 @@ void CNetGraphPanel::DrawTextFields( int graphvalue, int x, int y, int w, netban
int textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz ); int textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz );
g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, "%s", sz );
Q_snprintf( sz, sizeof( sz ), "lerp: %5.1f ms", GetClientInterpAmount() * 1000.0f ); Q_snprintf( sz, sizeof( sz ), "lerp: %5.1f ms", GetClientInterpAmount() * 1000.0f );
@ -781,23 +781,23 @@ void CNetGraphPanel::DrawTextFields( int graphvalue, int x, int y, int w, netban
} }
} }
g_pMatSystemSurface->DrawColoredText( font, x + textWidth, y, interpcolor[ 0 ], interpcolor[ 1 ], interpcolor[ 2 ], 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x + textWidth, y, interpcolor[ 0 ], interpcolor[ 1 ], interpcolor[ 2 ], 255, "%s", sz );
Q_snprintf( sz, sizeof( sz ), "%3.1f/s", m_AvgPacketIn ); Q_snprintf( sz, sizeof( sz ), "%3.1f/s", m_AvgPacketIn );
textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz ); textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz );
g_pMatSystemSurface->DrawColoredText( font, x + w - textWidth - 1, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x + w - textWidth - 1, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, "%s", sz );
y += textTall; y += textTall;
Q_snprintf( sz, sizeof( sz ), "out:%4i %2.2f k/s", out, m_OutgoingData ); Q_snprintf( sz, sizeof( sz ), "out:%4i %2.2f k/s", out, m_OutgoingData );
g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, "%s", sz );
Q_snprintf( sz, sizeof( sz ), "%3.1f/s", m_AvgPacketOut ); Q_snprintf( sz, sizeof( sz ), "%3.1f/s", m_AvgPacketOut );
textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz ); textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz );
g_pMatSystemSurface->DrawColoredText( font, x + w - textWidth - 1, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x + w - textWidth - 1, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, "%s", sz );
y += textTall; y += textTall;
@ -809,7 +809,7 @@ void CNetGraphPanel::DrawTextFields( int graphvalue, int x, int y, int w, netban
textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz ); textWidth = g_pMatSystemSurface->DrawTextLen( font, "%s", sz );
g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x, y, GRAPH_RED, GRAPH_GREEN, GRAPH_BLUE, 255, "%s", sz );
y += textTall; y += textTall;
@ -832,7 +832,7 @@ void CNetGraphPanel::DrawTextFields( int graphvalue, int x, int y, int w, netban
servercolor[ 2 ] = 0; servercolor[ 2 ] = 0;
} }
g_pMatSystemSurface->DrawColoredText( font, x, y, servercolor[ 0 ], servercolor[ 1 ], servercolor[ 2 ], 255, sz ); g_pMatSystemSurface->DrawColoredText( font, x, y, servercolor[ 0 ], servercolor[ 1 ], servercolor[ 2 ], 255, "%s", sz );
y += textTall; y += textTall;
} }
@ -1119,14 +1119,14 @@ void CNetGraphPanel::DrawLargePacketSizes( int x, int w, int graphtype, float wa
char sz[ 32 ]; char sz[ 32 ];
Q_snprintf( sz, sizeof( sz ), "%i", nTotalBytes ); Q_snprintf( sz, sizeof( sz ), "%i", nTotalBytes );
int len = g_pMatSystemSurface->DrawTextLen( m_hFont, sz ); int len = g_pMatSystemSurface->DrawTextLen( m_hFont, "%s", sz );
int textx, texty; int textx, texty;
textx = rcFill.x - len / 2; textx = rcFill.x - len / 2;
texty = MAX( 0, rcFill.y - 11 ); texty = MAX( 0, rcFill.y - 11 );
g_pMatSystemSurface->DrawColoredText( m_hFont, textx, texty, 255, 255, 255, 255, sz ); g_pMatSystemSurface->DrawColoredText( m_hFont, textx, texty, 255, 255, 255, 255, "%s", sz );
} }
} }
} }

2
game/client/vgui_textmessagepanel.cpp

@ -238,7 +238,7 @@ void CTextMessagePanel::AddChar( int r, int g, int b, int a, wchar_t ch )
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
void CTextMessagePanel::GetTextExtents( int *wide, int *tall, const char *string ) void CTextMessagePanel::GetTextExtents( int *wide, int *tall, const char *string )
{ {
*wide = g_pMatSystemSurface->DrawTextLen( m_hFont, (char *)string ); *wide = g_pMatSystemSurface->DrawTextLen( m_hFont, "%s", (char *)string );
*tall = vgui::surface()->GetFontTall( m_hFont ); *tall = vgui::surface()->GetFontTall( m_hFont );
} }

4
game/server/ai_speech.cpp

@ -885,13 +885,13 @@ void CAI_Expresser::SpeechMsg( CBaseEntity *pFlex, const char *pszFormat, ... )
if ( pFlex->MyNPCPointer() ) if ( pFlex->MyNPCPointer() )
{ {
DevMsg( pFlex->MyNPCPointer(), string ); DevMsg( pFlex->MyNPCPointer(), "%s", string );
} }
else else
{ {
DevMsg( "%s", string ); DevMsg( "%s", string );
} }
UTIL_LogPrintf( string ); UTIL_LogPrintf( "%s", string );
} }

2
game/server/util.cpp

@ -59,7 +59,7 @@ void DBG_AssertFunction( bool fExpr, const char *szExpr, const char *szFile, int
Q_snprintf(szOut,sizeof(szOut), "ASSERT FAILED:\n %s \n(%s@%d)\n%s", szExpr, szFile, szLine, szMessage); Q_snprintf(szOut,sizeof(szOut), "ASSERT FAILED:\n %s \n(%s@%d)\n%s", szExpr, szFile, szLine, szMessage);
else else
Q_snprintf(szOut,sizeof(szOut), "ASSERT FAILED:\n %s \n(%s@%d)\n", szExpr, szFile, szLine); Q_snprintf(szOut,sizeof(szOut), "ASSERT FAILED:\n %s \n(%s@%d)\n", szExpr, szFile, szLine);
Warning( szOut); Warning( "%s", szOut );
} }
#endif // DEBUG #endif // DEBUG

2
vgui2/dme_controls/dmedagrenderpanel.cpp

@ -263,7 +263,7 @@ void CDmeDagRenderPanel::DrawJointNames( CDmeDag *pRoot, CDmeDag *pDag, const ma
{ {
Q_snprintf( pJointName, sizeof(pJointName), "%s", pJoint->GetName() ); Q_snprintf( pJointName, sizeof(pJointName), "%s", pJoint->GetName() );
} }
g_pMatSystemSurface->DrawColoredText( m_hFont, vecPanelPos.x + 5, vecPanelPos.y, 255, 255, 255, 255, pJointName ); g_pMatSystemSurface->DrawColoredText( m_hFont, vecPanelPos.x + 5, vecPanelPos.y, 255, 255, 255, 255, "%s", pJointName );
} }
int nCount = pDag->GetChildCount(); int nCount = pDag->GetChildCount();

Loading…
Cancel
Save