-rw-r--r--src/client.cpp4
-rw-r--r--src/gui/logindialog.cpp12
-rw-r--r--src/main.cpp7
-rw-r--r--src/net/ea/loginhandler.cpp5
-rw-r--r--src/net/manaserv/loginhandler.cpp9
-rw-r--r--src/utils/stringutils.cpp10
-rw-r--r--src/utils/stringutils.h2
7 files changed, 46 insertions, 3 deletions
diff --git a/src/client.cpp b/src/client.cpp
index 5d5ce3535..88fe8c443 100644
--- a/src/client.cpp
+++ b/src/client.cpp
@@ -1689,6 +1689,8 @@ void Client::initConfiguration()
config.setValue("musicVolume", 60);
config.setValue("fpslimit", 60);
std::string defaultUpdateHost = branding.getValue("defaultUpdateHost", "");
+ if (!checkPath(defaultUpdateHost))
+ defaultUpdateHost = "";
config.setValue("updatehost", defaultUpdateHost);
config.setValue("customcursor", true);
config.setValue("useScreenshotDirectorySuffix", true);
@@ -1741,6 +1743,8 @@ void Client::initUpdatesDir()
// If updatesHost is currently empty, fill it from config file
if (mUpdateHost.empty())
mUpdateHost = config.getStringValue("updatehost");
+ if (!checkPath(mUpdateHost))
+ return;
// Don't go out of range int he next check
if (mUpdateHost.length() < 2)
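Review bot: The early `return;` added in initUpdatesDir() exits without a log line, and anything the rest of the function sets up is skipped. Every other call site in this commit replaces a rejected value with an empty string instead. For consistency, consider `logger->log1("Warning: incorrect update server name"); mUpdateHost.clear();` and then falling through to the short-host check that follows, assuming that branch already handles an empty host. The function body continues past the end of this hunk, so confirm what a caller sees after the bare return.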
diff --git a/src/gui/logindialog.cpp b/src/gui/logindialog.cpp
index 719b86cb8..b1c80b102 100644
--- a/src/gui/logindialog.cpp
+++ b/src/gui/logindialog.cpp
@@ -184,8 +184,16 @@ void LoginDialog::action(const gcn::ActionEvent &event)
serverConfig.setValue("customUpdateHost",
mUpdateHostText->getText());
- mLoginData->updateHost = mUpdateHostText->getText();
- *mUpdateHost = mUpdateHostText->getText();
+ if (checkPath(mUpdateHostText->getText()))
+ {
+ mLoginData->updateHost = mUpdateHostText->getText();
+ *mUpdateHost = mUpdateHostText->getText();
+ }
+ else
+ {
+ mLoginData->updateHost = "";
+ *mUpdateHost = "";
+ }
}
mLoginData->updateType = updateType;
serverConfig.setValue("updateType", updateType);
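Review bot: The unchecked text is still persisted by `serverConfig.setValue("customUpdateHost", mUpdateHostText->getText());` at the top of this hunk, before the new checkPath() branch runs. A rejected value therefore ends up in the saved server configuration, and any later code that reads `customUpdateHost` back would need its own check. Validating once and storing the result everywhere avoids this: `const std::string host = checkPath(mUpdateHostText->getText()) ? mUpdateHostText->getText() : "";`, then use `host` for the config entry, `mLoginData->updateHost` and `*mUpdateHost`. LoginDialog::action() starts before this hunk.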
diff --git a/src/main.cpp b/src/main.cpp
index 1988e5962..71794487c 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -33,6 +33,8 @@
#include <iostream>
#include <physfs.h>
+#include "utils/stringutils.h"
+
#ifdef __MINGW32__
#include <windows.h>
#endif
@@ -140,7 +142,10 @@ static void parseOptions(int argc, char *argv[], Client::Options &options)
options.printHelp = true;
break;
case 'H':
- options.updateHost = optarg;
+ if (checkPath(optarg))
+ options.updateHost = optarg;
+ else
+ options.updateHost = "";
break;
case 'c':
options.character = optarg;
diff --git a/src/net/ea/loginhandler.cpp b/src/net/ea/loginhandler.cpp
index bbf19fb34..291a92906 100644
--- a/src/net/ea/loginhandler.cpp
+++ b/src/net/ea/loginhandler.cpp
@@ -150,6 +150,11 @@ void LoginHandler::processUpdateHost(Net::MessageIn &msg)
len = msg.readInt16() - 4;
mUpdateHost = msg.readString(len);
+ if (!checkPath(mUpdateHost))
+ {
+ mUpdateHost = "";
+ logger->log1("Warning: incorrect update server name");
+ }
loginData.updateHost = mUpdateHost;
logger->log("Received update host \"%s\" from login server.",
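Review bot: When the check fails in processUpdateHost(), the warning does not record what was rejected, and the following "Received update host" line then reports an empty name as if the server had sent it. A login server that sends a traversal-style update host is worth being able to see in the log afterwards. Consider logging the rejected value's length, or the value with non-printable characters escaped, and skipping the "Received" line on that path. The same applies to the warning added in src/net/manaserv/loginhandler.cpp. The trailing logger call is cut off at the end of this hunk.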
diff --git a/src/net/manaserv/loginhandler.cpp b/src/net/manaserv/loginhandler.cpp
index f1cb8e352..8b8ac831f 100644
--- a/src/net/manaserv/loginhandler.cpp
+++ b/src/net/manaserv/loginhandler.cpp
@@ -341,9 +341,18 @@ void LoginHandler::readServerInfo(Net::MessageIn &msg)
// Set the update host when included in the message
const std::string updateHost = msg.readString();
if (!updateHost.empty())
+ {
+ if (!checkPath(updateHost))
+ {
+ logger->log1("Warning: incorrect update server name");
+ updateHost = "";
+ }
mLoginData->updateHost = updateHost;
+ }
else
+ {
logger->log1("Warning: server does not have an update host set!");
+ }
// Read the client data folder for dynamic data loading.
// This is only used by the QT client.
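Review bot: `updateHost` is declared `const std::string` on the context line above, so the added `updateHost = "";` should not compile. This suggests the manaserv path was not built with the change. Either drop the `const`, or keep it and assign the checked result directly: `mLoginData->updateHost = checkPath(updateHost) ? updateHost : "";` with the warning logged in the failing case. readServerInfo() extends beyond this hunk on both sides.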
diff --git a/src/utils/stringutils.cpp b/src/utils/stringutils.cpp
index 642ba0df2..b855e3b04 100644
--- a/src/utils/stringutils.cpp
+++ b/src/utils/stringutils.cpp
@@ -612,3 +612,13 @@ std::string &removeProtocol(std::string &url)
url = url.substr(i + 3);
return url;
}
+
+bool checkPath(std::string path)
+{
+ if (path.empty())
+ return true;
+ return path.find("../") == std::string::npos
+ && path.find("..\\") == std::string::npos
+ && path.find("/..") == std::string::npos
+ && path.find("\\..") == std::string::npos;
+}
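Review bot: checkPath() is a substring denylist that only matches `..` next to a separator, so a value that is exactly `..` is accepted. Any decoding or normalisation that happens after this call is not covered either. Since the value is a server-supplied host name that presumably ends up in a local directory name, an allowlist of permitted characters applied where that directory name is built would be a sturdier guard than this filter alone. At minimum add `path == ".."` to the rejected cases. Also take the argument as `bool checkPath(const std::string &path)` here and in stringutils.h to avoid a copy per call, and add a comment saying that an empty string is deliberately treated as valid.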
diff --git a/src/utils/stringutils.h b/src/utils/stringutils.h
index 0913c7348..c6eb08a6c 100644
--- a/src/utils/stringutils.h
+++ b/src/utils/stringutils.h
@@ -206,4 +206,6 @@ bool findCutFirst(std::string &str1, std::string str2);
std::string &removeProtocol(std::string &url);
+bool checkPath(std::string path);
+
#endif // UTILS_STRINGUTILS_H