From e3edb81c1b397cc5667e309a726cb2a0889b8d89 Mon Sep 17 00:00:00 2001
From: kai <kai@zittrig.eu>
Date: Mon, 1 Jun 2020 19:00:11 +0100
Subject: do not leak admin GUIDs in !namelog if they are incognito

---
 src/game/g_admin.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/game/g_admin.c b/src/game/g_admin.c
index 13b9099..5e987ce 100644
--- a/src/game/g_admin.c
+++ b/src/game/g_admin.c
@@ -6546,9 +6546,20 @@ qboolean G_admin_namelog( gentity_t *ent, int skiparg )
         continue;
     }
     printed++;
+
     for( j = 0; j < 8; j++ )
-      guid_stub[ j ] = g_admin_namelog[ i ]->guid[ j + 24 ];
+    {
+      if( G_admin_permission_guid( g_admin_namelog[ i ]->guid, ADMF_INCOGNITO )
+          && !admin_higher_guid( ent->client->pers.guid, g_admin_namelog[ i ]->guid ) 
+          && !G_admin_permission( ent, ADMF_SEESINCOGNITO ) )
+      {
+        guid_stub[ j ] = 'X';
+      } else {
+        guid_stub[ j ] = g_admin_namelog[ i ]->guid[ j + 24 ];
+      }
+    }
     guid_stub[ j ] = '\0';
+
     if( g_admin_namelog[ i ]->slot > -1 )
        ADMBP( "^3" );
     ADMBP( va( "%-2s (*%s) %15s %s^7", 
-- 
cgit