[GoldSrc] Remote Code Execution using malicious WAD list in BSP file
Team Summary
Official summary from Valve
## Summary

The `TEX_InitFromWad` function calls `COM_FileBase` to extract a file name from a path into a buffer on the stack. Since `COM_FileBase` does not have boundary checks and the buffer is small, a long WAD file name can trigger a stack buffer overflow, leading to arbitrary code execution.

## Steps to reproduce

Environment: Windows 10 x64 18362

- Install Counter-Strike Dedicated Server. Let's call the directory where it's installed `SERVER_DIR`
- Install AMX Mod X for the dedicated server
- Compile F558348, install and enable it in AMX Mod X `plugins.ini`
- Copy any `.exe` file to `SERVER_DIR/cstrike/pwn.ed` (`pwn.ed` is the file name)
- Extract F558346 to `SERVER_DIR/cstrike/maps/`
- Start Counter-Strike Dedicated Server on map `cs_pwn`
- After the map is fully loaded, extract F558347 to `SERVER_DIR/cstrike/maps/`
- Install Counter-Strike Client
- Start Counter-Strike Client
- Connect to the dedicated server

Expected behavior: `pwn.ed` will be downloaded and executed.

## Impact

Attackers can remotely execute arbitrary code on the victim's computer. The lack of ASLR on `hl.exe` makes the exploit 100% reliable.
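As an added illustration (not GoldSrc's code and not part of the report), the following shows the length check the report says `COM_FileBase` lacks: a bounded basename extraction applied to each entry of a `;`-separated WAD list. The 16-byte buffer size, the list format and the function names are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>

/* Length-checked basename extraction: strips directory components and
 * the extension, copies the result into out (capacity outsz).
 * Returns 0 on success, -1 if the base name would not fit.
 * Illustration only, not GoldSrc's COM_FileBase. */
int filebase_bounded(const char *path, char *out, size_t outsz)
{
    const char *start = path, *p, *end;
    size_t n;
    if (outsz == 0) return -1;
    for (p = path; *p; p++)
        if (*p == '/' || *p == '\\') start = p + 1;   /* skip directories */
    end = strrchr(start, '.');
    n = end ? (size_t)(end - start) : strlen(start);
    if (n >= outsz) { out[0] = '\0'; return -1; }      /* would overflow */
    memcpy(out, start, n);
    out[n] = '\0';
    return 0;
}

/* Walk a ';'-separated WAD list as an engine would before loading each
 * WAD, extracting every base name into a 16-byte buffer (constructed
 * size standing in for the small stack buffer; the real size is not in
 * the report). Returns the number of accepted names, or -1 at the first
 * entry whose base name does not fit. */
int wadlist_validate(const char *wadlist)
{
    char base[16];
    char entry[4096];   /* one list entry at a time */
    int accepted = 0;
    const char *p = wadlist;
    while (*p) {
        const char *sep = strchr(p, ';');
        size_t len = sep ? (size_t)(sep - p) : strlen(p);
        if (len >= sizeof entry) return -1;
        memcpy(entry, p, len);
        entry[len] = '\0';
        if (len > 0 && filebase_bounded(entry, base, sizeof base) != 0)
            return -1;                                  /* reject oversized name */
        if (len > 0) accepted++;
        p = sep ? sep + 1 : p + len;
    }
    return accepted;
}
```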
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$750.00
Submitted
Weakness
Stack Overflow