Project

General

Profile

Activity

From 2007-09-05 to 2007-09-18

2007-09-16

19:30 Revision 9b5cdd3d (github): re-instate debug guards left out in svn commit 5032
yagisan
19:25 Revision 28880f02 (github): Attempt to fix CVE-2007-4642 - undelimited strcpy in PKT_CHAT - know known exploits of this. Fix works by utilising a smarter string copy that is bounds checked to ensure all strings are null terminated - even if it means discarding input
yagisan
18:52 Revision 9554766a (github): Attempt to fix CVE-2007-4642 - Luigi Auriemma's exploit 4 static buffer-overflow in NetSv_ReadCommands no longer effective. Fix works by discarding all commands in excess of MAX_COMMANDS
yagisan
16:52 Revision c904eeb8 (github): Block off other possible msgBuff overflow vectors - no known exploits for these - yet
yagisan
16:48 Revision 934ec2cb (github): Attempt to fix CVE-2007-4642 - Luigi Auriemma's exploit 1 D_NetPlayerEvent global buffer-overflow using PKT_CHAT and exploit 2 Msg_Write global buffer-overflow through PKT_CHAT no longer effective. Fix works by clamping the copying to NETBUFFER_MAXMESSAGE chars at most
yagisan

2007-09-15

17:40 Revision 67879270 (github): Attempt to fix CVE-2007-4643 by discarding all runt packets. Luigi Auriemma's exploit 3 fails against this patch. This is an awful hack - we really need to replace the netcode
yagisan
14:38 Bug #473: Multiple Vulnerabilities - buffer overflow, DoS
Logged In: YES
user_id=1248824
Originator: NO
very overstated. I can't duplicate the so-called remote code executio...
yagisan
11:00 Revision 6b4c5d28 (github): Added V3_ClosestPointOnPlane(); given a plane normal plus a point in the plane, find the point in the plane closest to some arbitrary point.
danij
09:27 Revision d350ade1 (github): Added some three-dimensional vector math routines.
danij

2007-09-14

19:56 Revision b9be7723 (github): fix encodings so we don't FTBFS
yagisan
19:56 Revision 710aef55 (github): fix encodings so we don't FTBFS
yagisan

2007-09-13

18:36 Revision 8a2c8edc (github): Cleaned up how all varieties of vissprite are managed with respect to lighting:
* Lumobjs affecting models, sprites and psprites are now selected and lit using the same generalized routines.
* Plan...
danij
06:25 Bug #473 (Closed): Multiple Vulnerabilities - buffer overflow, DoS
I poked through the latest SVN and this bug tracker and didn't see any sign of these being known about. They have le... draconx

2007-09-12

19:36 Bug #472 (Closed): non-server players cannot shoot
Players can connect to the server okay, can run around, see other players, pick up items, use items, etc. However, w... wbrameld4
15:56 Revision 79ee71e1 (github): Init the SDL audio before we Init SDL sound
yagisan

2007-09-11

02:07 Bug #471 (Closed): I keep getting stuck in the walls
Whenever I hit a wall in any of the Doom games I get stuck when I should just slide right across it. This is a very b... dark_staff

2007-09-10

12:18 Feature #1455 (Rejected): Persistent player achievement stats
Enable support for player profiles, i.e. carry your doomguy to the next game Doom to Doom II with his stats and info:... billy_of_fenham
05:49 Feature #1454 (Closed): [Snowberry] Better definition of colliding modules
In the process of making Dreadus' Classic Shotgun model compatible with the Snowberry module format, I discovered tha... kresjah
 

Also available in: Atom