X-Git-Url: https://git.artsoft.org/?a=blobdiff_plain;f=src%2Fnetwork.c;h=d0c156198408b3af688b3f106119b9a9280af3b0;hb=055c4e48ddc47b9616c38cd5eeaf27f5b88c933b;hp=574809781e92dcbbb4cf5a75c78b34f65dc5f220;hpb=c8058770312fb6ec95cd6a57164669031bfaf2bf;p=rocksndiamonds.git diff --git a/src/network.c b/src/network.c index 57480978..d0c15619 100644 --- a/src/network.c +++ b/src/network.c @@ -182,6 +182,11 @@ char *getNetworkPlayerName(int player_nr) return(EMPTY_PLAYER_NAME); } +static boolean hasPathSeparator(char *s) +{ + return (strchr(s, '/') != NULL); +} + static void StartNetworkServer(int port) { static int p; @@ -694,6 +699,8 @@ static void Handle_OP_START_PLAYING() level_nr = new_level_nr; } + SetLevelSetInfo(new_leveldir_identifier, new_level_nr); + /* needed if level set of network game changed graphics, sounds or music */ ReloadCustomArtwork(0); @@ -825,6 +832,9 @@ static void Handle_OP_LEVEL_FILE() leveldir_identifier = getStringCopy(getNetworkBufferString(read_buffer)); + if (hasPathSeparator(leveldir_identifier)) + Error(ERR_EXIT, "protocol error: invalid filename from network client"); + InitNetworkLevelDirectory(leveldir_identifier); network_level_dir = getNetworkLevelDir(leveldir_identifier); @@ -835,6 +845,9 @@ static void Handle_OP_LEVEL_FILE() file_info->basename = getStringCopy(getNetworkBufferString(read_buffer)); file_info->filename = getPath2(network_level_dir, file_info->basename); + if (hasPathSeparator(file_info->basename)) + Error(ERR_EXIT, "protocol error: invalid filename from network client"); + getNetworkBufferFile(read_buffer, file_info->filename); use_custom_template = getNetworkBuffer8BitInteger(read_buffer); @@ -845,6 +858,9 @@ static void Handle_OP_LEVEL_FILE() tmpl_info->basename = getStringCopy(getNetworkBufferString(read_buffer)); tmpl_info->filename = getPath2(network_level_dir, tmpl_info->basename); + if (hasPathSeparator(tmpl_info->basename)) + Error(ERR_EXIT, "protocol error: invalid filename from network client"); + getNetworkBufferFile(read_buffer, tmpl_info->filename); }