Merge pull request #981 from osm/add-exec-validation

Prevent downloadable files from being executed

Author: tcsabina

src/cl_cmd.c

@@ -626,30 +626,13 @@ void CL_Rcon_f (void) {
 
 qbool CL_Download_Accept(const char *filename)
 {
-	char *str, *tmp, *ext;
-	qbool is_valid = false;
-	extern cvar_t cl_allow_downloads;
-
 	if (strstr(filename, "..") || !strcmp(filename, "") || filename[0] == '/' || strchr(filename, '\\') || strchr(filename, ':') || strstr(filename, "//")) {
 		Com_Printf("Warning: Invalid characters in filename \"%s\"\n", filename);
 		return false;
 	}
 
-	ext = COM_FileExtension(filename);
-	str = Q_strdup(cl_allow_downloads.string);
-	tmp = strtok(str, ",");
-	while (tmp != NULL) {
-		if (strcmp(ext, tmp) == 0) {
-			is_valid = true;
-			break;
-		}
-
-		tmp = strtok(NULL, ",");
-	}
-	Q_free(str);
-
-	if (!is_valid) {
-		Com_Printf("Warning: Non-allowed file \"%s\" skipped. Add \"%s\" to cl_allow_download_file_extensions to allow the file to be downloaded\n", filename, ext);
+	if (!CL_IsDownloadableFileExtension(filename)) {
+		Com_Printf("Warning: Non-allowed file \"%s\" skipped. Add \"%s\" to cl_allow_downloads to allow the file to be downloaded\n", filename, COM_FileExtension(filename));
 		return false;
 	}
 

src/cmd.c

@@ -137,6 +137,27 @@ static void OnChange_remote_capabilities(cvar_t *var, char *string, qbool *cance
 	Q_free(tmp);
 }
 
+qbool CL_IsDownloadableFileExtension(const char *filename)
+{
+	qbool is_allowed = false;
+	char *ext, *str, *tmp;
+
+	ext = COM_FileExtension(filename);
+	str = Q_strdup(cl_allow_downloads.string);
+	tmp = strtok(str, ",");
+	while (tmp != NULL) {
+		if (strcmp(ext, tmp) == 0) {
+			is_allowed = true;
+			break;
+		}
+
+		tmp = strtok(NULL, ",");
+	}
+	Q_free(str);
+
+	return is_allowed;
+}
+
 //=============================================================================
 
 //Causes execution of the remainder of the command buffer to be delayed until next frame.
@@ -540,6 +561,11 @@ void Cmd_Exec_f (void)
 	server_command = cbuf_current == &cbuf_server || !strcmp(Cmd_Argv(0), "serverexec");
 #endif
 
+	if (CL_IsDownloadableFileExtension(Cmd_Argv(1))) {
+		Com_Printf("Warning: \"%s\" is not allowed to be executed. Remove \"%s\" from cl_allow_downloads to allow execution\n", Cmd_Argv(1), COM_FileExtension(Cmd_Argv(1)));
+		return;
+	}
+
 	strlcpy (name, Cmd_Argv(1), sizeof(name) - 4);
 	if (!(f = (char *) FS_LoadHeapFile(name, NULL)))	{
 		const char *p;

src/cmd.h

@@ -182,6 +182,7 @@ void Cbuf_AddEarlyCommands (void);
 void Cmd_StuffCmds_f (void);
 qbool Cmd_IsLegacyCommand (char *oldname);
 void Cmd_AddLegacyCommand (char *oldname, char *newname);
+qbool CL_IsDownloadableFileExtension(const char *filename);
 
 //===========================================================================