Location: cpp/openttd-patchpack/source/regression/stationlist/main.nut - annotation
r25360:c5efeb83c7e8
Fix: [Network] Reading beyond the length of the server's ID when hashing password
Under normal circumstances the server's ID is 32 characters excluding '\0', however this can be changed at the server. This ID is sent to the server for company name hashing. The client reads it into a statically allocated buffer of 33 bytes, but fills only the bytes it received from the server. However, the hash assumes all 33 bytes are set, thus potentially reading uninitialized data, or a part of the server ID of a previous game in the hashing routine.
The read stays inside the memory assigned to the server ID (it is not an out-of-bounds read), so nothing bad happens, except that company passwords might not work correctly.
/**
 * AI controller class for the station-list regression script.
 * Only Start() is declared in the class body; its definition and the dump
 * members are attached out of line with the `function StationList::Name()`
 * form used in the rest of this file.
 */
class StationList extends AIController {
	function Start();
};
/**
 * Dump the AIStationList built from
 * AIStation.STATION_BUS_STOP + AIStation.STATION_TRUCK_STOP.
 *
 * Prints the section header and the list size, then re-valuates the list three
 * times (GetLocation, GetCargoWaiting with 0, GetCargoWaiting with 1) and
 * prints one "id => value" line per entry after each valuation.
 */
function StationList::StationList()
{
	/* The list is built before anything is printed, as in the original order. */
	local stops = AIStationList(AIStation.STATION_BUS_STOP + AIStation.STATION_TRUCK_STOP);
	local id;

	print("");
	print("--StationList--");
	print(" Count(): " + stops.Count());

	stops.Valuate(AIStation.GetLocation);
	print(" Location ListDump:");
	id = stops.Begin();
	while (!stops.IsEnd()) {
		print(" " + id + " => " + stops.GetValue(id));
		id = stops.Next();
	}

	stops.Valuate(AIStation.GetCargoWaiting, 0);
	print(" CargoWaiting(0) ListDump:");
	id = stops.Begin();
	while (!stops.IsEnd()) {
		print(" " + id + " => " + stops.GetValue(id));
		id = stops.Next();
	}

	stops.Valuate(AIStation.GetCargoWaiting, 1);
	print(" CargoWaiting(1) ListDump:");
	id = stops.Begin();
	while (!stops.IsEnd()) {
		print(" " + id + " => " + stops.GetValue(id));
		id = stops.Next();
	}
};
/**
 * Dump AIStationList_Cargo for every mode/selector combination.
 *
 * Modes run from AIStationList_Cargo.CM_WAITING to CM_PLANNED and selectors
 * from CS_BY_FROM to CS_FROM_BY_VIA, both inclusive. Each value is printed
 * before the entries of the list built with it.
 */
function StationList::StationList_Cargo()
{
	print("");
	print("--StationList_Cargo--");

	for (local cargo_mode = AIStationList_Cargo.CM_WAITING; cargo_mode <= AIStationList_Cargo.CM_PLANNED; ++cargo_mode) {
		print(" " + cargo_mode);

		for (local cargo_selector = AIStationList_Cargo.CS_BY_FROM; cargo_selector <= AIStationList_Cargo.CS_FROM_BY_VIA; ++cargo_selector) {
			print(" " + cargo_selector);

			/* Fixed arguments 6, 0, 7: presumably station, cargo and other-station IDs - confirm against the script API. */
			local cargo_list = AIStationList_Cargo(cargo_mode, cargo_selector, 6, 0, 7);
			local id = cargo_list.Begin();
			while (!cargo_list.IsEnd()) {
				print(" " + id + " => " + cargo_list.GetValue(id));
				id = cargo_list.Next();
			}
		}
	}
};
/**
 * Dump AIStationList_CargoPlanned once per selector, from
 * AIStationList_Cargo.CS_BY_FROM to CS_FROM_BY_VIA inclusive.
 * The selector value is printed first, followed by one "id => value" line per entry.
 */
function StationList::StationList_CargoPlanned()
{
	print("");
	print("--StationList_CargoPlanned--");

	for (local cargo_selector = AIStationList_Cargo.CS_BY_FROM; cargo_selector <= AIStationList_Cargo.CS_FROM_BY_VIA; ++cargo_selector) {
		print(" " + cargo_selector);

		/* Fixed arguments 6, 0, 7: presumably station, cargo and other-station IDs - confirm against the script API. */
		local planned = AIStationList_CargoPlanned(cargo_selector, 6, 0, 7);
		local id = planned.Begin();
		while (!planned.IsEnd()) {
			print(" " + id + " => " + planned.GetValue(id));
			id = planned.Next();
		}
	}
};
/**
 * Dump AIStationList_CargoPlannedByFrom(2, 0): section header first, then
 * one "id => value" line per list entry.
 */
function StationList::StationList_CargoPlannedByFrom()
{
	print("");
	print("--StationList_CargoPlannedByFrom--");

	/* Arguments 2, 0: presumably a station ID and a cargo ID - confirm against the script API. */
	local planned = AIStationList_CargoPlannedByFrom(2, 0);
	local id = planned.Begin();
	while (!planned.IsEnd()) {
		print(" " + id + " => " + planned.GetValue(id));
		id = planned.Next();
	}
};
/**
 * Dump AIStationList_CargoPlannedByVia(2, 0): section header first, then
 * one "id => value" line per list entry.
 */
function StationList::StationList_CargoPlannedByVia()
{
	print("");
	print("--StationList_CargoPlannedByVia--");

	/* Arguments 2, 0: presumably a station ID and a cargo ID - confirm against the script API. */
	local planned = AIStationList_CargoPlannedByVia(2, 0);
	local id = planned.Begin();
	while (!planned.IsEnd()) {
		print(" " + id + " => " + planned.GetValue(id));
		id = planned.Next();
	}
};
/**
 * Dump AIStationList_CargoPlannedViaByFrom(6, 0, 7): section header first,
 * then one "id => value" line per list entry.
 */
function StationList::StationList_CargoPlannedViaByFrom()
{
	print("");
	print("--StationList_CargoPlannedViaByFrom--");

	/* Arguments 6, 0, 7: presumably station, cargo and other-station IDs - confirm against the script API. */
	local planned = AIStationList_CargoPlannedViaByFrom(6, 0, 7);
	local id = planned.Begin();
	while (!planned.IsEnd()) {
		print(" " + id + " => " + planned.GetValue(id));
		id = planned.Next();
	}
};
/**
 * Dump AIStationList_CargoPlannedFromByVia(6, 0, 7): section header first,
 * then one "id => value" line per list entry.
 */
function StationList::StationList_CargoPlannedFromByVia()
{
	print("");
	print("--StationList_CargoPlannedFromByVia--");

	/* Arguments 6, 0, 7: presumably station, cargo and other-station IDs - confirm against the script API. */
	local planned = AIStationList_CargoPlannedFromByVia(6, 0, 7);
	local id = planned.Begin();
	while (!planned.IsEnd()) {
		print(" " + id + " => " + planned.GetValue(id));
		id = planned.Next();
	}
};
/**
 * Dump AIStationList_CargoWaiting once per selector, from
 * AIStationList_Cargo.CS_BY_FROM to CS_FROM_BY_VIA inclusive.
 * The selector value is printed first, followed by one "id => value" line per entry.
 */
function StationList::StationList_CargoWaiting()
{
	print("");
	print("--StationList_CargoWaiting--");

	for (local cargo_selector = AIStationList_Cargo.CS_BY_FROM; cargo_selector <= AIStationList_Cargo.CS_FROM_BY_VIA; ++cargo_selector) {
		print(" " + cargo_selector);

		/* Fixed arguments 6, 0, 7: presumably station, cargo and other-station IDs - confirm against the script API. */
		local waiting = AIStationList_CargoWaiting(cargo_selector, 6, 0, 7);
		local id = waiting.Begin();
		while (!waiting.IsEnd()) {
			print(" " + id + " => " + waiting.GetValue(id));
			id = waiting.Next();
		}
	}
};
/**
 * Dump AIStationList_CargoWaitingByFrom(2, 0): section header first, then
 * one "id => value" line per list entry.
 */
function StationList::StationList_CargoWaitingByFrom()
{
	print("");
	print("--StationList_CargoWaitingByFrom--");

	/* Arguments 2, 0: presumably a station ID and a cargo ID - confirm against the script API. */
	local waiting = AIStationList_CargoWaitingByFrom(2, 0);
	local id = waiting.Begin();
	while (!waiting.IsEnd()) {
		print(" " + id + " => " + waiting.GetValue(id));
		id = waiting.Next();
	}
};
/**
 * Dump AIStationList_CargoWaitingByVia(2, 0): section header first, then
 * one "id => value" line per list entry.
 */
function StationList::StationList_CargoWaitingByVia()
{
	print("");
	print("--StationList_CargoWaitingByVia--");

	/* Arguments 2, 0: presumably a station ID and a cargo ID - confirm against the script API. */
	local waiting = AIStationList_CargoWaitingByVia(2, 0);
	local id = waiting.Begin();
	while (!waiting.IsEnd()) {
		print(" " + id + " => " + waiting.GetValue(id));
		id = waiting.Next();
	}
};
/**
 * Dump AIStationList_CargoWaitingViaByFrom(6, 0, 7): section header first,
 * then one "id => value" line per list entry.
 */
function StationList::StationList_CargoWaitingViaByFrom()
{
	print("");
	print("--StationList_CargoWaitingViaByFrom--");

	/* Arguments 6, 0, 7: presumably station, cargo and other-station IDs - confirm against the script API. */
	local waiting = AIStationList_CargoWaitingViaByFrom(6, 0, 7);
	local id = waiting.Begin();
	while (!waiting.IsEnd()) {
		print(" " + id + " => " + waiting.GetValue(id));
		id = waiting.Next();
	}
};
/**
 * Dump AIStationList_CargoWaitingFromByVia(2, 0, 2): section header first,
 * then one "id => value" line per list entry.
 * Unlike the other three-argument dumps in this file, this one passes 2, 0, 2.
 */
function StationList::StationList_CargoWaitingFromByVia()
{
	print("");
	print("--StationList_CargoWaitingFromByVia--");

	/* Arguments 2, 0, 2: presumably station, cargo and other-station IDs - confirm against the script API. */
	local waiting = AIStationList_CargoWaitingFromByVia(2, 0, 2);
	local id = waiting.Begin();
	while (!waiting.IsEnd()) {
		print(" " + id + " => " + waiting.GetValue(id));
		id = waiting.Next();
	}
};
/**
 * Dump AIStationList_Vehicle(12).
 *
 * Prints the section header and the list size, then re-valuates the list with
 * seven AIStation valuators in turn (GetLocation, GetCargoWaiting 0 and 1,
 * GetCargoRating 1, GetDistanceManhattanToTile 30000,
 * GetDistanceSquareToTile 30000, IsWithinTownInfluence 0) and prints one
 * "id => value" line per entry after each valuation.
 */
function StationList::StationList_Vehicle()
{
	/* The list is built before anything is printed; 12 is presumably a vehicle ID - confirm. */
	local stations = AIStationList_Vehicle(12);
	local id;

	print("");
	print("--StationList_Vehicle--");
	print(" Count(): " + stations.Count());

	stations.Valuate(AIStation.GetLocation);
	print(" Location ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}

	stations.Valuate(AIStation.GetCargoWaiting, 0);
	print(" CargoWaiting(0) ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}

	stations.Valuate(AIStation.GetCargoWaiting, 1);
	print(" CargoWaiting(1) ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}

	stations.Valuate(AIStation.GetCargoRating, 1);
	print(" CargoRating(1) ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}

	stations.Valuate(AIStation.GetDistanceManhattanToTile, 30000);
	print(" DistanceManhattanToTile(30000) ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}

	stations.Valuate(AIStation.GetDistanceSquareToTile, 30000);
	print(" DistanceSquareToTile(30000) ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}

	stations.Valuate(AIStation.IsWithinTownInfluence, 0);
	print(" IsWithinTownInfluence(0) ListDump:");
	id = stations.Begin();
	while (!stations.IsEnd()) {
		print(" " + id + " => " + stations.GetValue(id));
		id = stations.Next();
	}
}
/**
 * Definition of the Start() member declared in the class body.
 * Calls every dump member of this file exactly once; each of them prints its
 * own "--Name--" header, so the call order below is the order of the sections
 * in the printed output.
 */
function StationList::Start()
{
/* NOTE(review): StationList is both the class name and a member added with
 * `function StationList::StationList()`; presumably the member is what this
 * bare call resolves to - confirm. */
StationList();
/* Combined mode/selector dump, then the planned-cargo variants. */
StationList_Cargo();
StationList_CargoPlanned();
StationList_CargoPlannedByFrom();
StationList_CargoPlannedByVia();
StationList_CargoPlannedViaByFrom();
StationList_CargoPlannedFromByVia();
/* Waiting-cargo variants, in the same sub-order as the planned ones. */
StationList_CargoWaiting();
StationList_CargoWaitingByFrom();
StationList_CargoWaitingByVia();
StationList_CargoWaitingViaByFrom();
StationList_CargoWaitingFromByVia();
/* Stations of one vehicle, dumped last. */
StationList_Vehicle();
}