Login
User Name:

Password:



Register
Forgot your password?
Vote for Us!
tintin++ ogg sound player script for linux
Author: Robert Smith
Submitted by: Vladaar
6Dragons ogg Soundpack
Author: Vladaar
Submitted by: Vladaar
6Dragons 4.4
Author: Vladaar
Submitted by: Vladaar
LoP 1.46
Author: Remcon
Submitted by: Remcon
LOP 1.45
Author: Remcon
Submitted by: Remcon
Users Online
CommonCrawl, Bing

Members: 0
Guests: 9
Stats
Files
Topics
Posts
Members
Newest Member
481
3,739
19,386
625
OmarHarrim
Today's Birthdays
There are no member birthdays today.
Related Links
» SmaugMuds.org » Bugfix Lists » SWFOTE FUSS Bugfix List » [Bug] Aset command does not v...
Forum Rules | Mark all | Recent Posts

[Bug] Aset command does not validate input for vnum ranges
< Newer Topic :: Older Topic >

Pages:<< prev 1 next >>
Post is unread #1 Sep 24, 2005, 11:11 am
Go to the top of the page
Go to the bottom of the page

Samson
Black Hand
GroupAdministrators
Posts3,643
JoinedJan 1, 2002

Bug: Aset command does not validate input for vnum ranges
Danger: High - Can easily corrupt existing area files
Found by: Remcon
Fixed by: Remcon

This fix is dependent upon the vassign command enhancement

---

build.c

Near the top, add:
bool check_area_conflict( AREA_DATA *carea, int low_range, int hi_range );


Locate the do_aset function. Directly above it, add:
/* check other areas for a conflict while ignoring the current area */
bool check_for_area_conflicts( AREA_DATA *carea, int lo, int hi )
{
   AREA_DATA *area;

   for( area = first_area; area; area = area->next )
      if( area != carea && check_area_conflict( area, lo, hi ) )
         return TRUE;
   for( area = first_build; area; area = area->next )
      if( area != carea && check_area_conflict( area, lo, hi ) )
         return TRUE;

   return FALSE;
}


Then in do_aset, locate:
   if( !str_cmp( arg2, "low_vnum" ) )
   {
      tarea->low_r_vnum = vnum;
      tarea->low_m_vnum = vnum;
      tarea->low_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_vnum" ) )
   {
      tarea->hi_r_vnum = vnum;
      tarea->hi_m_vnum = vnum;
      tarea->hi_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "low_room" ) )
   {
      tarea->low_r_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_room" ) )
   {
      tarea->hi_r_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "low_obj" ) )
   {
      tarea->low_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_obj" ) )
   {
      tarea->hi_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "low_mob" ) )
   {
      tarea->low_m_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_mob" ) )
   {
      tarea->hi_m_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }


Replace those with:
   if( !str_cmp( arg2, "low_vnum" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->low_r_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( check_for_area_conflicts( tarea, tarea->low_m_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( check_for_area_conflicts( tarea, tarea->low_o_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }

      if( tarea->hi_r_vnum < vnum )
      {
         send_to_char( "Can't set low_vnum higher than the hi_vnum.\n\r", ch );
         return;
      }
      if( tarea->hi_m_vnum < vnum )
      {
         send_to_char( "Can't set low_mob higher than the hi_mob.\n\r", ch );
         return;
      }
      if( tarea->hi_o_vnum < vnum )
      {
         send_to_char( "Can't set low_obj higher than the hi_obj.\n\r", ch );
         return;
      }

      tarea->low_r_vnum = vnum;
      tarea->low_m_vnum = vnum;
      tarea->low_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_vnum" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->hi_r_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( check_for_area_conflicts( tarea, tarea->hi_m_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( check_for_area_conflicts( tarea, tarea->hi_o_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }

      if( tarea->low_r_vnum > vnum )
      {
         send_to_char( "Can't set low_vnum lower than the low_vnum.\n\r", ch );
         return;
      }
      if( tarea->low_m_vnum > vnum )
      {
         send_to_char( "Can't set low_vnum lower than the low_vnum.\n\r", ch );
         return;
      }
      if( tarea->low_o_vnum > vnum )
      {
         send_to_char( "Can't set low_vnum lower than the low_vnum.\n\r", ch );
         return;
      }

      tarea->hi_r_vnum = vnum;
      tarea->hi_m_vnum = vnum;
      tarea->hi_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "low_room" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->low_r_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( tarea->hi_r_vnum < vnum )
      {
         send_to_char( "Can't set low_vnum higher than the hi_vnum.\n\r", ch );
         return;
      }
      tarea->low_r_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_room" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->hi_r_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( tarea->low_r_vnum > vnum )
      {
         send_to_char( "Can't set low_vnum lower than the low_vnum.\n\r", ch );
         return;
      }
      tarea->hi_r_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "low_obj" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->low_o_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( tarea->hi_o_vnum < vnum )
      {
         send_to_char( "Can't set low_obj higher than the hi_obj.\n\r", ch );
         return;
      }
      tarea->low_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_obj" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->hi_o_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( tarea->low_o_vnum > vnum )
      {
         send_to_char( "Can't set hi_obj lower than the low_obj.\n\r", ch );
         return;
      }
      tarea->hi_o_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "low_mob" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->low_m_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( tarea->hi_m_vnum < vnum )
      {
         send_to_char( "Can't set low_mob higher than the hi_mob.\n\r", ch );
         return;
      }
      tarea->low_m_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_mob" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->hi_m_vnum, vnum ) )
      {
         send_to_char( "That would conflict with another area.\n\r", ch );
         return;
      }
      if( tarea->low_m_vnum > vnum )
      {
         send_to_char( "Can't set hi_mob lower than the low_mob.\n\r", ch );
         return;
      }
      tarea->hi_m_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }


Without this fix, the vnum ranges being input to an area are not validated and can easily be set to grossly incorrect values which later on can cause area file corruption that won't be easy to fix.
       
Pages:<< prev 1 next >>