From: divverent Date: Wed, 23 Sep 2009 20:55:24 +0000 (+0000) Subject: prevent information leakage from trace_ globals to prvm_global client to prevent... X-Git-Tag: xonotic-v0.1.0preview~1403 X-Git-Url: https://git.rm.cloudns.org/?a=commitdiff_plain;h=d79bf352070fe96997e0622c73019a08cb67fff9;p=xonotic%2Fdarkplaces.git prevent information leakage from trace_ globals to prvm_global client to prevent very simple console in/out parsing based triggerbots git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@9230 d7cf8633-e32d-0410-b094-e92efae38249 --- diff --git a/csprogs.c b/csprogs.c index 56b23ce7..b4e62c98 100644 --- a/csprogs.c +++ b/csprogs.c @@ -12,12 +12,22 @@ #define CSQC_RETURNVAL prog->globals.generic[OFS_RETURN] #define CSQC_BEGIN csqc_tmpprog=prog;prog=0;PRVM_SetProg(PRVM_CLIENTPROG); -#define CSQC_END VM_ClearTraceGlobals(); prog=csqc_tmpprog; -// TODO check if the clearing of trace globals takes too much CPU. If it does, -// perform it before console command processing instead. +#define CSQC_END prog=csqc_tmpprog; static prvm_prog_t *csqc_tmpprog; +void CL_VM_PreventInformationLeaks(void) +{ + prvm_eval_t *val; + if(!cl.csqc_loaded) + return; + CSQC_BEGIN + VM_ClearTraceGlobals(); + if ((val = PRVM_GLOBALFIELDVALUE(prog->globaloffsets.trace_networkentity))) + val->_float = 0; + CSQC_END +} + //[515]: these are required funcs static char *cl_required_func[] = { diff --git a/csprogs.h b/csprogs.h index 7a4394c2..03944584 100644 --- a/csprogs.h +++ b/csprogs.h @@ -53,6 +53,8 @@ extern cvar_t csqc_progname; //[515]: csqc crc check and right csprogs name acco extern cvar_t csqc_progcrc; extern cvar_t csqc_progsize; +void CL_VM_PreventInformationLeaks(void); + qboolean MakeDownloadPacket(const char *filename, unsigned char *data, unsigned long len, int crc, int cnt, sizebuf_t *buf, int protocol); qboolean CL_VM_GetEntitySoundOrigin(int entnum, vec3_t out); diff --git a/host.c b/host.c index 76e8236b..8e2181df 100644 --- a/host.c +++ b/host.c @@ -693,6 +693,7 @@ void Host_Main(void) if (sv.active ? sv_timer > 0 : cl_timer > 0) { // process console commands + CL_VM_PreventInformationLeaks(); Cbuf_Execute(); }