Login
User Name:

Password:



Register
Forgot your password?
Vote for Us!
tintin++ ogg sound player script for linux
Author: Robert Smith
Submitted by: Vladaar
6Dragons ogg Soundpack
Author: Vladaar
Submitted by: Vladaar
6Dragons 4.4
Author: Vladaar
Submitted by: Vladaar
LoP 1.46
Author: Remcon
Submitted by: Remcon
LOP 1.45
Author: Remcon
Submitted by: Remcon
Users Online
CommonCrawl, DotBot, Yandex

Members: 0
Guests: 8
Stats
Files
Topics
Posts
Members
Newest Member
481
3,735
19,370
618
Micheal64X
Today's Birthdays
There are no member birthdays today.
Related Links
» SmaugMuds.org » Bugfix Lists » AFKMud Bugfix List » AFKMud Bug Archive » [Bug] Aset command does not v...
Forum Rules | Mark all | Recent Posts

[Bug] Aset command does not validate input for vnum ranges
< Newer Topic :: Older Topic > AFKMud 1.76a

Pages:<< prev 1 next >>
Post is unread #1 Sep 24, 2005, 11:40 am   Last edited Dec 29, 2005, 5:57 pm by Samson
Go to the top of the page
Go to the bottom of the page

Samson
Black Hand
GroupAdministrators
Posts3,643
JoinedJan 1, 2002

Bug: Aset command does not validate input for vnum ranges
Discovered in: AFKMud 1.76a
Danger: High - Can easily corrupt existing area files
Found by: Remcon
Fixed by: Remcon

---

build.c

Locate the do_aset function. Directly above it, add:
bool check_area_conflict( AREA_DATA *area, int low_range, int hi_range )
{
   if( low_range < area->low_vnum && area->low_vnum < hi_range )
      return TRUE;

   if( low_range < area->hi_vnum && area->hi_vnum < hi_range )
      return TRUE;

   if( ( low_range >= area->low_vnum ) && ( low_range <= area->hi_vnum ) )
      return TRUE;

   if( ( hi_range <= area->hi_vnum ) && ( hi_range >= area->low_vnum ) )
      return TRUE;

   return FALSE;
}

/* check other areas for a conflict while ignoring the current area */
bool check_for_area_conflicts( AREA_DATA *carea, int lo, int hi )
{
   AREA_DATA *area;

   for( area = first_area; area; area = area->next )
      if( area != carea && check_area_conflict( area, lo, hi ) )
         return TRUE;

   return FALSE;
}


Then in do_aset, locate:
   if( !str_cmp( arg2, "low_vnum" ) )
   {
      tarea->low_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_vnum" ) )
   {
      tarea->hi_vnum = vnum;
      send_to_char( "Done.\n\r", ch );
      return;
   }


Replace those with:
   if( !str_cmp( arg2, "low_vnum" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->low_vnum, vnum ) )
      {
         ch_printf( ch, "Setting %d for low_vnum would conflict with another area.\r\n", vnum );
         return;
      }
      if( tarea->hi_vnum < vnum )
      {
         ch_printf( ch, "Vnum %d exceeds the hi_vnum of %d for this area.\r\n", vnum, tarea->hi_vnum );
         return;
      }
      tarea->low_vnum = vnum;
      send_to_char( "Done.\r\n", ch );
      return;
   }

   if( !str_cmp( arg2, "hi_vnum" ) )
   {
      if( check_for_area_conflicts( tarea, tarea->hi_vnum, vnum ) )
      {
         ch_printf( ch, "Setting %d for hi_vnum would conflict with another area.\r\n", vnum );
         return;
      }
      if( tarea->low_vnum > vnum )
      {
         ch_printf( ch, "Cannot set %d for hi_vnum smaller than the low_vnum of %d.\r\n", vnum, tarea->low_vnum );
         return;
      }
      tarea->hi_vnum = vnum;
      send_to_char( "Done.\r\n", ch );
      return;
   }


Without this fix, the vnum ranges being input to an area are not validated and can easily be set to grossly incorrect values which later on can cause area file corruption that won't be easy to fix.
       
Pages:<< prev 1 next >>