rpms/vavoom/devel vavoom-1.24-CVE-2007-4533-5.patch, NONE, 1.1 vavoom.spec, 1.3, 1.4
Hans de Goede (jwrdegoede)
fedora-extras-commits at redhat.com
Fri Aug 31 18:42:27 UTC 2007
Author: jwrdegoede
Update of /cvs/extras/rpms/vavoom/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2052
Modified Files:
vavoom.spec
Added Files:
vavoom-1.24-CVE-2007-4533-5.patch
Log Message:
* Fri Aug 31 2007 Hans de Goede <j.w.r.degoede at hhs.nl> 1.24-3
- Fix some security issues in the server: CVE-2007-4533, CVE-2007-4534,
CVE-2007-4535 (bz 256621)
vavoom-1.24-CVE-2007-4533-5.patch:
--- NEW FILE vavoom-1.24-CVE-2007-4533-5.patch ---
--- trunk/vavoom/source/p_acs.cpp 2007/08/29 22:11:13 2684
+++ trunk/vavoom/source/p_acs.cpp 2007/08/31 16:30:40 2685
@@ -2486,7 +2486,7 @@
}
else
{
- BroadcastCentrePrintf(*PrintStr);
+ BroadcastCentrePrint(*PrintStr);
}
ACSVM_BREAK;
@@ -2649,7 +2649,7 @@
ACSVM_CASE(PCD_EndPrintBold)
//FIXME yellow message
PrintStr = PrintStr.EvalEscapeSequences();
- BroadcastCentrePrintf(*PrintStr);
+ BroadcastCentrePrint(*PrintStr);
ACSVM_BREAK;
// Extended P-Code commands.
@@ -2974,7 +2974,7 @@
}
else
{
- BroadcastCentrePrintf(*PrintStr);
+ BroadcastCentrePrint(*PrintStr);
}
sp = optstart - 6;
ACSVM_BREAK;
--- trunk/vavoom/source/p_thinker.cpp 2007/08/29 22:11:13 2684
+++ trunk/vavoom/source/p_thinker.cpp 2007/08/31 16:30:40 2685
@@ -294,6 +294,21 @@
//==========================================================================
//
+// VThinker::BroadcastPrint
+//
+//==========================================================================
+
+void VThinker::BroadcastPrint(const char *s)
+{
+ guard(VThinker::BroadcastPrint);
+ for (int i = 0; i < svs.max_clients; i++)
+ if (Level->Game->Players[i])
+ Level->Game->Players[i]->eventClientPrint(s);
+ unguard;
+}
+
+//==========================================================================
+//
// VThinker::BroadcastPrintf
//
//==========================================================================
@@ -308,9 +323,22 @@
vsprintf(buf, s, v);
va_end(v);
+ BroadcastPrint(buf);
+ unguard;
+}
+
+//==========================================================================
+//
+// VThinker::BroadcastCentrePrint
+//
+//==========================================================================
+
+void VThinker::BroadcastCentrePrint(const char *s)
+{
+ guard(VThinker::BroadcastCentrePrint);
for (int i = 0; i < svs.max_clients; i++)
if (Level->Game->Players[i])
- Level->Game->Players[i]->eventClientPrint(buf);
+ Level->Game->Players[i]->eventClientCentrePrint(s);
unguard;
}
@@ -330,9 +358,7 @@
vsprintf(buf, s, v);
va_end(v);
- for (int i = 0; i < svs.max_clients; i++)
- if (Level->Game->Players[i])
- Level->Game->Players[i]->eventClientCentrePrint(buf);
+ BroadcastCentrePrint(buf);
unguard;
}
@@ -444,7 +470,7 @@
{
VStr Msg = PF_FormatString();
P_GET_SELF;
- Self->BroadcastPrintf(*Msg);
+ Self->BroadcastPrint(*Msg);
}
IMPLEMENT_FUNCTION(VThinker, AllocDlight)
--- trunk/vavoom/source/sv_main.cpp 2007/08/29 22:11:13 2684
+++ trunk/vavoom/source/sv_main.cpp 2007/08/31 16:30:40 2685
@@ -1624,7 +1624,7 @@
Text += " ";
Text += Args[i];
}
- GLevelInfo->BroadcastPrintf(*Text);
+ GLevelInfo->BroadcastPrint(*Text);
GLevelInfo->StartSound(TVec(0, 0, 0), 0,
GSoundManager->GetSoundID("misc/chat"), 0, 1.0, 0);
unguard;
--- trunk/vavoom/source/p_thinker.h 2007/08/29 22:11:13 2684
+++ trunk/vavoom/source/p_thinker.h 2007/08/31 16:30:40 2685
@@ -76,7 +76,9 @@
void AddSoundSequenceChoice(vint32, VName);
void StopSoundSequence(vint32);
+ void BroadcastPrint(const char*);
void BroadcastPrintf(const char*, ...);
+ void BroadcastCentrePrint(const char*);
void BroadcastCentrePrintf(const char*, ...);
DECLARE_FUNCTION(Spawn)
--- trunk/vavoom/source/str.h 2007/08/31 16:30:40 2685
+++ trunk/vavoom/source/str.h 2007/08/31 17:25:55 2686
@@ -345,6 +345,8 @@
{
vint32 Len;
Strm << STRM_INDEX(Len);
+ if (Len < 0)
+ Len = 0;
S.Resize(Len);
if (Len)
Strm.Serialise(S.Str, Len + 1);
Index: vavoom.spec
===================================================================
RCS file: /cvs/extras/rpms/vavoom/devel/vavoom.spec,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- vavoom.spec 15 Aug 2007 13:41:17 -0000 1.3
+++ vavoom.spec 31 Aug 2007 18:41:54 -0000 1.4
@@ -1,6 +1,6 @@
Name: vavoom
Version: 1.24
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Enhanced Doom, Heretic, Hexen and Strife source port
Source0: http://downloads.sourceforge.net/vavoom/%{name}-%{version}.tar.bz2
Source1: doom.autodlrc
@@ -19,6 +19,7 @@
Source14: tux-b2f.png
Patch0: vavoom-1.21-datadir.patch
Patch1: vavoom-1.23-fixes.patch
+Patch2: vavoom-1.24-CVE-2007-4533-5.patch
URL: http://vavoom-engine.com/
Group: Amusements/Games
License: GPLv2+
@@ -40,6 +41,7 @@
%setup -q
%patch0 -p1 -b .datadir
%patch1 -p1 -b .fix
+%patch2 -p2 -b .CVE
%build
@@ -124,6 +126,10 @@
%changelog
+* Fri Aug 31 2007 Hans de Goede <j.w.r.degoede at hhs.nl> 1.24-3
+- Fix some security issues in the server: CVE-2007-4533, CVE-2007-4534,
+ CVE-2007-4535 (bz 256621)
+
* Wed Aug 15 2007 Hans de Goede <j.w.r.degoede at hhs.nl> 1.24-2
- Update License tag for new Licensing Guidelines compliance
More information about the fedora-extras-commits
mailing list