Activity
From 2007-09-04 to 2007-09-17
2007-09-16
- 19:30 Revision 9b5cdd3d (github): re-instate debug guards left out in svn commit 5032
- 19:25 Revision 28880f02 (github): Attempt to fix CVE-2007-4642 - undelimited strcpy in PKT_CHAT - know known exploits of this. Fix works by utilising a smarter string copy that is bounds checked to ensure all strings are null terminated - even if it means discarding input
- 18:52 Revision 9554766a (github): Attempt to fix CVE-2007-4642 - Luigi Auriemma's exploit 4 static buffer-overflow in NetSv_ReadCommands no longer effective. Fix works by discarding all commands in excess of MAX_COMMANDS
- 16:52 Revision c904eeb8 (github): Block off other possible msgBuff overflow vectors - no known exploits for these - yet
- 16:48 Revision 934ec2cb (github): Attempt to fix CVE-2007-4642 - Luigi Auriemma's exploit 1 D_NetPlayerEvent global buffer-overflow using PKT_CHAT and exploit 2 Msg_Write global buffer-overflow through PKT_CHAT no longer effective. Fix works by clamping the copying to NETBUFFER_MAXMESSAGE chars at most
2007-09-15
- 17:40 Revision 67879270 (github): Attempt to fix CVE-2007-4643 by discarding all runt packets. Luigi Auriemma's exploit 3 fails against this patch. This is an awful hack - we really need to replace the netcode
- 11:00 Revision 6b4c5d28 (github): Added V3_ClosestPointOnPlane(); given a plane normal plus a point in the plane, find the point in the plane closest to some arbitrary point.
- 09:27 Revision d350ade1 (github): Added some three-dimensional vector math routines.
2007-09-14
- 19:56 Revision b9be7723 (github): fix encodings so we don't FTBFS
- 19:56 Revision 710aef55 (github): fix encodings so we don't FTBFS
2007-09-13
- 18:36 Revision 8a2c8edc (github): Cleaned up how all varieties of vissprite are managed with respect to lighting:
- * Lumobjs affecting models, sprites and psprites are now selected and lit using the same generalized routines.
* Plan...
2007-09-12
Also available in: Atom