Gentoo's Bugzilla – Attachment 320962 Details for
Bug 430868
games-fps/redeclipse-1.2: security issues with transmitted map cfgs
[patch]
File access security fix
security-text-command-fix.patch (text/plain), 1.31 KB, created by
Martin Erik Werner
on 2012-08-11 03:09:57 UTC
>Author: Lee "Eihrul" Salzman <lsalzman@gmail.com> >Date: Sun, 22 Jul 2012 21:22:55 +0000 >Subject: text command fix >Description: File access security fix > Game maps can in cube2-engine games be transmitted either from server > to client or from client to client, which includes a config file > (mapname.cfg) which is in "cubescript" format, this makes it possible > for an attacker to send a malign script via a new map (which must be > chosen by admin on a server, or created in cooperative editing mode). A > script like this could trivially read/write to any files which the user > running the client has access to (it is executed when the client loads > the map). > . > This patch stops "textedit" commands being able to be run in map-run > scripts, thus disabling the ability to read/write to user files. > >Origin: upstream, https://sourceforge.net/apps/trac/redeclipse/changeset/3764 >Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684143 >Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=846368 >Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/redeclipse/+bug/1034148 > >--- a/src/engine/textedit.h >+++ b/src/engine/textedit.h >@@ -690,7 +690,7 @@ > > #define TEXTCOMMAND(f, s, d, body) ICOMMAND(0, f, s, d,\ > editor *top = currentfocus();\ >- if(!top) return;\ >+ if(!top || identflags&IDF_WORLD) return;\ > body\ > ) >
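Review bot: the new `identflags&IDF_WORLD` test in the `if` line of `TEXTCOMMAND` only guards commands that are declared through this macro, so any text editor or file-access command registered directly with `ICOMMAND` is not covered by this hunk; it is worth confirming that no such command remains reachable from a map cfg, since the description promises that map-run scripts can no longer read or write user files. The return is also silent: a one-line console or log message when a command is refused because of `IDF_WORLD` would let a player or server admin notice that a transmitted map tried to use textedit commands. As a style point, writing the condition as `if(!top || (identflags&IDF_WORLD)) return;` makes the intended precedence explicit, and testing the flag before calling `currentfocus()` would avoid touching editor state at all for world scripts.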