Author: sveinung
Date: Sun Oct 11 17:13:53 2015
New Revision: 30046
URL: http://svn.gna.org/viewcvs/freeciv?rev=30046&view=rev
Log:
Order system: avoid unsafe is_valid_dir() usage
If a direction is valid given certain game settings was stored in an array
in patch #6325. The function is_valid_dir() would then look it up. This
doesn't work for direction values outside its range.
Don't use is_valid_dir() when validating the direction of unit orders sent
by the client over the network.
See bug #23926
Modified:
branches/S2_6/common/map.c
branches/S2_6/common/map.h
branches/S2_6/server/unithand.c
Modified: branches/S2_6/common/map.c
URL:
http://svn.gna.org/viewcvs/freeciv/branches/S2_6/common/map.c?rev=30046&r1=30045&r2=30046&view=diff
==============================================================================
--- branches/S2_6/common/map.c (original)
+++ branches/S2_6/common/map.c Sun Oct 11 17:13:53 2015
@@ -1212,12 +1212,31 @@
/**************************************************************************
Returns TRUE iff the given direction is a valid one.
+
+ If the direction could be out of range you should use
+ map_untrusted_dir_is_valid() in stead.
**************************************************************************/
bool is_valid_dir(enum direction8 dir)
{
fc_assert_ret_val(direction8_is_valid(dir), FALSE);
return dir_validity[dir];
+}
+
+/**************************************************************************
+ Returns TRUE iff the given direction is a valid one.
+
+ Doesn't trust the input. Can be used to validate a direction from an
+ untrusted source.
+**************************************************************************/
+bool map_untrusted_dir_is_valid(enum direction8 dir)
+{
+ if (!direction8_is_valid(dir)) {
+ /* Isn't even in range of direction8. */
+ return FALSE;
+ }
+
+ return is_valid_dir(dir);
}
/**************************************************************************
Modified: branches/S2_6/common/map.h
URL:
http://svn.gna.org/viewcvs/freeciv/branches/S2_6/common/map.h?rev=30046&r1=30045&r2=30046&view=diff
==============================================================================
--- branches/S2_6/common/map.h (original)
+++ branches/S2_6/common/map.h Sun Oct 11 17:13:53 2015
@@ -597,6 +597,7 @@
enum direction8 dir_cw(enum direction8 dir);
enum direction8 dir_ccw(enum direction8 dir);
const char* dir_get_name(enum direction8 dir);
+bool map_untrusted_dir_is_valid(enum direction8 dir);
bool is_valid_dir(enum direction8 dir);
bool is_cardinal_dir(enum direction8 dir);
Modified: branches/S2_6/server/unithand.c
URL:
http://svn.gna.org/viewcvs/freeciv/branches/S2_6/server/unithand.c?rev=30046&r1=30045&r2=30046&view=diff
==============================================================================
--- branches/S2_6/server/unithand.c (original)
+++ branches/S2_6/server/unithand.c Sun Oct 11 17:13:53 2015
@@ -3159,7 +3159,7 @@
switch (packet->orders[i]) {
case ORDER_MOVE:
case ORDER_ACTION_MOVE:
- if (!is_valid_dir(packet->dir[i])) {
+ if (!map_untrusted_dir_is_valid(packet->dir[i])) {
log_error("handle_unit_orders() %d isn't a valid move direction. "
"Sent in order number %d from %s to unit number %d.",
packet->dir[i], i,
_______________________________________________
Freeciv-commits mailing list
Freeciv-commits@gna.org
https://mail.gna.org/listinfo/freeciv-commits
