mirror of
https://github.com/SWG-Source/src.git
synced 2026-07-14 23:07:48 -04:00
mitigate a seefo exploit; copy our profiled build cmakelists
This commit is contained in:
+1
-1
@@ -87,7 +87,7 @@ elseif(UNIX)
|
||||
-fno-stack-protector -fstrict-enums -fno-spell-checking \
|
||||
-fno-coverage-mapping -fstrict-vtable-pointers -finline-functions \
|
||||
-finline-hint-functions -fshort-enums -fno-unroll-loops \
|
||||
")
|
||||
-flto -fwhole-program-vtables")
|
||||
|
||||
# these only work on 3.9+ -finline-functions -finline-hint-functions
|
||||
# these only work on 3.8+ -fno-coverage-mapping -fstrict-vtable-pointers
|
||||
|
||||
@@ -1007,12 +1007,18 @@ void Client::receiveClientMessage(const GameNetworkMessage & message)
|
||||
// check to make sure the controller message is allowed from the client
|
||||
bool allowFromClient = ControllerMessageFactory::allowFromClient(o.getMessage());
|
||||
|
||||
// log as a possible hack
|
||||
if (!allowFromClient)
|
||||
LOG("CustomerService", ("UnauthorizedControllerMessage: Player %s sent an unauthorized controller message %d for object %s.", PlayerObject::getAccountDescription(getCharacterObjectId()).c_str(), o.getMessage(), o.getNetworkId().getValueString().c_str()));
|
||||
|
||||
// do we allow the controller message to get executed?
|
||||
if (allowFromClient || isGod() || !ConfigServerGame::getEnableClientControllerMessageCheck())
|
||||
// we default this to true so that unless
|
||||
// a controller message is explicitly marked as being allowed
|
||||
// from the client, or the client is a GM, it will be dropped when the game server
|
||||
// receives it; this will have the effect of forcing the
|
||||
// programmer to make a conscious decision to mark the
|
||||
// controller message as allowable from the client; because
|
||||
// controller message coming from the client is not secured,
|
||||
// the mechanism to prevent a hacked client from sending the
|
||||
// game server any controller message is to explicity "mark"
|
||||
// those controller messages that are allowed from the client
|
||||
|
||||
if (allowFromClient || isGod())
|
||||
{
|
||||
ServerObject * target = findControlledObject(o.getNetworkId());
|
||||
if(target !=0)
|
||||
@@ -1045,9 +1051,14 @@ void Client::receiveClientMessage(const GameNetworkMessage & message)
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// log as a likely hack
|
||||
LOG("CustomerService", ("UnauthorizedControllerMessage: Player %s sent an unauthorized controller message %d for object %s.", PlayerObject::getAccountDescription(getCharacterObjectId()).c_str(), o.getMessage(), o.getNetworkId().getValueString().c_str()));
|
||||
}
|
||||
if (!appended)
|
||||
|
||||
if (!appended) {
|
||||
delete o.getData();
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -339,23 +339,6 @@ void ConfigServerGame::install(void)
|
||||
KEY_FLOAT (lineOfSightCacheMinHeight, 0.8f);
|
||||
KEY_FLOAT (lineOfSightLocationRoundValue, 5.0f);
|
||||
|
||||
#ifdef _DEBUG
|
||||
// in debug mode, we default this to true so that unless
|
||||
// a controller message is explicitly marked as being allowed
|
||||
// from the client, it will be dropped when the game server
|
||||
// receives it; this will have the effect of forcing the
|
||||
// programmer to make a conscious decision to mark the
|
||||
// controller message as allowable from the client; because
|
||||
// controller message coming from the client is not secured,
|
||||
// the mechanism to prevent a hacked client from sending the
|
||||
// game server any controller message is to explicity "mark"
|
||||
// those controller messages that are allowed from the client
|
||||
KEY_BOOL (enableClientControllerMessageCheck, true);
|
||||
#else
|
||||
// for live, the this option will be set to true in the config file
|
||||
KEY_BOOL (enableClientControllerMessageCheck, false);
|
||||
#endif
|
||||
|
||||
KEY_INT (maxWaypointsPerCharacter,100); // Keep this in sync with the maxWaypoints value in ConfigClientGame.cpp
|
||||
KEY_FLOAT (maxSmallCreatureHeight, 0.7f);
|
||||
KEY_FLOAT (smallCreatureUpdateRadius, 64.0f);
|
||||
|
||||
@@ -393,7 +393,6 @@ class ConfigServerGame
|
||||
|
||||
bool fatalOnGoldPobChange;
|
||||
|
||||
bool enableClientControllerMessageCheck;
|
||||
int maxWaypointsPerCharacter;
|
||||
|
||||
float maxSmallCreatureHeight;
|
||||
@@ -916,8 +915,6 @@ class ConfigServerGame
|
||||
|
||||
static bool getFatalOnGoldPobChange();
|
||||
|
||||
static bool getEnableClientControllerMessageCheck();
|
||||
|
||||
static int getMaxWaypointsPerCharacter();
|
||||
|
||||
static float getMaxSmallCreatureHeight();
|
||||
@@ -2829,13 +2826,6 @@ inline bool ConfigServerGame::getFatalOnGoldPobChange()
|
||||
|
||||
//------------------------------------------------------------
|
||||
|
||||
inline bool ConfigServerGame::getEnableClientControllerMessageCheck()
|
||||
{
|
||||
return data->enableClientControllerMessageCheck;
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
inline float ConfigServerGame::getMaxSmallCreatureHeight()
|
||||
{
|
||||
return data->maxSmallCreatureHeight;
|
||||
|
||||
Reference in New Issue
Block a user