game: fixed a format string vulnerability in CDebugOverlay::Paint (ValveSoftware/source-sdk-2013#372)

SanyaSho 2022-08-16 17:39:41 +03:00
parent 387d15521a
commit 42b528dec3


@ -125,20 +125,20 @@ void CDebugOverlay::Paint()
if (pCurrText->bUseOrigin) if (pCurrText->bUseOrigin)
{ {
if (!debugoverlay->ScreenPosition( pCurrText->origin, screenPos )) if (!debugoverlay->ScreenPosition( pCurrText->origin, screenPos ))
{ {
float xPos = screenPos[0]; float xPos = screenPos[0];
float yPos = screenPos[1]+ (pCurrText->lineOffset*13); // Line spacing; float yPos = screenPos[1]+ (pCurrText->lineOffset*13); // Line spacing;
g_pMatSystemSurface->DrawColoredText( m_hFont, xPos, yPos, r, g, b, a, pCurrText->text ); g_pMatSystemSurface->DrawColoredText( m_hFont, xPos, yPos, r, g, b, a, "%s", pCurrText->text );
} }
} }
else else
{ {
if (!debugoverlay->ScreenPosition( pCurrText->flXPos,pCurrText->flYPos, screenPos )) if (!debugoverlay->ScreenPosition( pCurrText->flXPos,pCurrText->flYPos, screenPos ))
{ {
float xPos = screenPos[0]; float xPos = screenPos[0];
float yPos = screenPos[1]+ (pCurrText->lineOffset*13); // Line spacing; float yPos = screenPos[1]+ (pCurrText->lineOffset*13); // Line spacing;
g_pMatSystemSurface->DrawColoredText( m_hFont, xPos, yPos, r, g, b, a, pCurrText->text ); g_pMatSystemSurface->DrawColoredText( m_hFont, xPos, yPos, r, g, b, a, "%s", pCurrText->text );
} }
} }
} }
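Review bot: Neither patched `DrawColoredText` call says why the `"%s"` is there, so a later cleanup could drop it and reintroduce the bug. I would add `// DrawColoredText is printf-style: overlay text must never be passed as the format argument` above each call. The same xPos/yPos/draw sequence is repeated in both branches of `pCurrText->bUseOrigin`, which is why the fix had to be made twice; letting the branches only fill `screenPos` and drawing once afterwards would leave a single call site to keep correct. The declaration of `DrawColoredText` is not visible here, but if it carries no printf-format annotation, adding one and building with format-security warnings would flag any other caller that passes a non-literal format. The body of `CDebugOverlay::Paint` starts and ends outside this hunk, so other draw calls in the function were not checked.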