Engine: fix uncontrolled format string vulnerability

This code is only ever used by the master server, but we should still avoid uncontrolled format strings from anything providing it remotely.
Kawe Mazidjatari 2025-02-09 02:07:19 +01:00
parent 1e1fe1beff
commit 3c30d959dd


@ -39,7 +39,7 @@ void SV_CheckForBanAndDisconnect(CClient* const pClient, const string& svIPAddr,
{ {
const int nUserID = pClient->GetUserID(); const int nUserID = pClient->GetUserID();
pClient->Disconnect(Reputation_t::REP_MARK_BAD, svError.c_str()); pClient->Disconnect(Reputation_t::REP_MARK_BAD, "%s", svError.c_str());
Warning(eDLL_T::SERVER, "Removed client '[%s]:%i' from slot #%i ('%llu' is banned globally!)\n", Warning(eDLL_T::SERVER, "Removed client '[%s]:%i' from slot #%i ('%llu' is banned globally!)\n",
svIPAddr.c_str(), nPort, nUserID, nNucleusID); svIPAddr.c_str(), nPort, nUserID, nNucleusID);
} }
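Review bot: The `"%s"` added to the `pClient->Disconnect(...)` call carries no comment saying why it is there, so a later cleanup could fold `svError.c_str()` back into the format position; I would add `// svError is remotely supplied text: pass it as an argument, never as the format string.` directly above the call. The commit touches only this one call site, and whether other callers hand `Disconnect` a non-literal format cannot be seen from this hunk. If `Disconnect` is a printf-style variadic, as the call suggests, marking its declaration with a printf format attribute and enabling `-Wformat-security` where the toolchain supports it would let the compiler flag any remaining ones. The body of `SV_CheckForBanAndDisconnect` starts outside the hunk.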