Prevent players and servers from printing non-printable characters to the terminal

[rdntcntrl]

When the game is started from a terminal, this should prevent players and servers from abusing the terminal using escape sequences (and control characters), which is not just annoying but could be a security issue especially combined with a bad terminal.

This filters all the non-printable characters except '\n'.

[timangus]

Is there a reason to use *p != '\n' instead of !isspace(*p)? Also you may as well put the functionality directly in Sys_Print...

[rdntcntrl]

!isspace(*p) would also allow \r which could be used to overwrite text. I suppose \t could be allowed though.

[smallmodel]

the Sys_Print API has currently no limitation regarding the maximum buffer size so it would be better to avoid adding one, even if the above layer (Com_Printf) has a limited buffer. You can do it in a loop until there is nothing remaining to copy.

Also, some debugging functions (example) may use control characters like \t not considered by isprint(), it should be whitelisted.

• isblank() can be used to check for space and tab.
• isspace() can used to check for a whitespace character ( , \n, \r, \t, \f, \v)

List here.

And agreed about \r, this one could be blacklisted.