Files @ r25360:c5efeb83c7e8
Branch filter:

Location: cpp/openttd-patchpack/source/src/console_internal.h

r25360:c5efeb83c7e8 3.7 KiB text/x-c Show Annotation Show as Raw Download as Raw
rubidium42
Fix: [Network] Reading beyond the length of the server's ID when hashing password

Under normal circumstances the server's ID is 32 characters excluding '\0', however this can be changed at the server. This ID is sent to the server for company name hashing. The client reads it into a statically allocated buffer of 33 bytes, but fills only the bytes it received from the server. However, the hash assumes all 33 bytes are set, thus potentially reading uninitialized data, or a part of the server ID of a previous game in the hashing routine.
It is still reading from memory assigned to the server ID, so nothing bad happens, except that company passwords might not work correctly.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
/*
 * This file is part of OpenTTD.
 * OpenTTD is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2.
 * OpenTTD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with OpenTTD. If not, see <http://www.gnu.org/licenses/>.
 */

/** @file console_internal.h Internally used functions for the console. */

#ifndef CONSOLE_INTERNAL_H
#define CONSOLE_INTERNAL_H

#include "gfx_type.h"
#include <map>

static const uint ICON_CMDLN_SIZE     = 1024; ///< maximum length of a typed in command
static const uint ICON_MAX_STREAMSIZE = 2048; ///< maximum length of a totally expanded command

/** Return values of console hooks (#IConsoleHook). */
enum ConsoleHookResult {
	CHR_ALLOW,    ///< Allow command execution.
	CHR_DISALLOW, ///< Disallow command execution.
	CHR_HIDE,     ///< Hide the existence of the command.
};

/**
 * --Commands--
 * Commands are commands, or functions. They get executed once and any
 * effect they produce are carried out. The arguments to the commands
 * are given to them, each input word separated by a double-quote (") is an argument
 * If you want to handle multiple words as one, enclose them in double-quotes
 * eg. 'say "hello sexy boy"'
 */
typedef bool IConsoleCmdProc(byte argc, char *argv[]);
typedef ConsoleHookResult IConsoleHook(bool echo);
struct IConsoleCmd {
	IConsoleCmd(const std::string &name, IConsoleCmdProc *proc, IConsoleHook *hook) : name(name), proc(proc), hook(hook) {}

	std::string name;         ///< name of command
	IConsoleCmdProc *proc;    ///< process executed when command is typed
	IConsoleHook *hook;       ///< any special trigger action that needs executing
};

/**
 * --Aliases--
 * Aliases are like shortcuts for complex functions, variable assignments,
 * etc. You can use a simple alias to rename a longer command (eg 'set' for
 * 'setting' for example), or concatenate more commands into one
 * (eg. 'ng' for 'load %A; unpause; debug_level 5'). Aliases can parse the arguments
 * given to them in the command line.
 * - "%A - %Z" substitute arguments 1 t/m 26
 * - "%+" lists all parameters keeping them separated
 * - "%!" also lists all parameters but presenting them to the aliased command as one argument
 * - ";" allows for combining commands (see example 'ng')
 */
struct IConsoleAlias {
	IConsoleAlias(const std::string &name, const std::string &cmdline) : name(name), cmdline(cmdline) {}

	std::string name;           ///< name of the alias
	std::string cmdline;        ///< command(s) that is/are being aliased
};

struct IConsole
{
	typedef std::map<std::string, IConsoleCmd> CommandList;
	typedef std::map<std::string, IConsoleAlias> AliasList;

	/* console parser */
	static CommandList &Commands();
	static AliasList &Aliases();

	/* Commands */
	static void CmdRegister(const std::string &name, IConsoleCmdProc *proc, IConsoleHook *hook = nullptr);
	static IConsoleCmd *CmdGet(const std::string &name);
	static void AliasRegister(const std::string &name, const std::string &cmd);
	static IConsoleAlias *AliasGet(const std::string &name);
};

/* console functions */
void IConsoleClearBuffer();

/* console std lib (register ingame commands/aliases) */
void IConsoleStdLibRegister();

/* Supporting functions */
bool GetArgumentInteger(uint32 *value, const char *arg);

void IConsoleGUIInit();
void IConsoleGUIFree();
void IConsoleGUIPrint(TextColour colour_code, char *string);

#endif /* CONSOLE_INTERNAL_H */
Server instance: code.theleruby.com-48 This site is powered by Kallithea, which is © 2010–2022 by various authors & licensed under GPLv3. – Support