From 8541d2d4036d7d1dea7e873bfe69319638b7584e Mon Sep 17 00:00:00 2001
From: zicodxx <>
Date: Sat, 21 Apr 2007 08:27:21 +0000
Subject: [PATCH] prevent string placeholders in HUD Messages which may crash
 the game

---
 dxx-changelog.txt | 4 ++++
 main/hud.c        | 9 ++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/dxx-changelog.txt b/dxx-changelog.txt
index 732ca4011..a0d7eacb5 100755
--- a/dxx-changelog.txt
+++ b/dxx-changelog.txt
@@ -1,5 +1,9 @@
 D2X-Rebirth Changelog
 
+20070421
+--------
+main/hud.c: prevent string placeholders in HUD Messages which may crash the game
+
 20070420
 --------
 main/laser.c: made smart blobs easier to dodge
diff --git a/main/hud.c b/main/hud.c
index c7e3848ea..2dd0d52ff 100755
--- a/main/hud.c
+++ b/main/hud.c
@@ -253,7 +253,7 @@ int PlayerMessage=1;
 // (message might not be drawn if previous message was same)
 int HUD_init_message_va(char * format, va_list args)
 {
-	int temp;
+	int temp, i;
 	char *message = NULL;
 	char *last_message=NULL;
 #if 0
@@ -273,6 +273,13 @@ int HUD_init_message_va(char * format, va_list args)
 	message = &HUD_messages[hud_last][0];
 	vsprintf(message,format,args);
 
+	// clean message if necessary.
+	// using placeholders may mess up message string and crash game(s).
+	// block them also to prevent attacks from other clients.
+	for (i = 0; i <= strlen(message); i++)
+		if (message[i] == '%')
+			message [i] = ' ';
+
 	// Added by Leighton
 
    if ((Game_mode & GM_MULTI) && FindArg("-noredundancy"))