Add or adjust a bunch of safety checks (#433)

2018-08-26 17:18:39 +02:00
parent 8aeefc3fca
commit 9bcabfeb1f
14 changed files with 156 additions and 86 deletions
--- a/modules/fakemeta/fakemeta_amxx.h
+++ b/modules/fakemeta/fakemeta_amxx.h
@ -50,6 +50,16 @@

 #define CHECK_ENTITY(x) if (x != 0 && (FNullEnt(TypeConversion.id_to_edict(x)) || x < 0 || x > gpGlobals->maxEntities)) { MF_LogError(amx, AMX_ERR_NATIVE, "Invalid entity"); return 0; }
 #define CHECK_OFFSET(x) if (x < 0) { MF_LogError(amx, AMX_ERR_NATIVE, "Invalid offset"); return 0; }
+#define CHECK_ENTITY_PDATA(x) \
+	if (FNullEnt(TypeConversion.id_to_edict(x))) { \
+		MF_LogError(amx, AMX_ERR_NATIVE, "Invalid entity %d", x); \
+		return 0; \
+	} \
+	else if (!TypeConversion.id_to_edict(x)->pvPrivateData) { \
+		MF_LogError(amx, AMX_ERR_NATIVE, "Invalid entity %d (no private data)", x); \
+		return 0; \
+	}
+

 extern AMX_NATIVE_INFO engfunc_natives[];
 extern AMX_NATIVE_INFO dllfunc_natives[];
--- a/modules/fakemeta/fm_tr.cpp
+++ b/modules/fakemeta/fm_tr.cpp
@ -86,7 +86,7 @@ static cell AMX_NATIVE_CALL set_tr(AMX *amx, cell *params)
 	case TR_pHit:
 		{
 			e = TypeConversion.id_to_edict(*ptr);
-			if (!e || FNullEnt(e))
+			if (*ptr != -1 && FNullEnt(e))
 				return 0; //TODO: return error
 			gfm_tr->pHit = e;
 			return 1;
@ -167,7 +167,7 @@ static cell AMX_NATIVE_CALL get_tr(AMX *amx, cell *params)
 		}
 	case TR_pHit:
 		{
-			if (gfm_tr->pHit == NULL || FNullEnt(gfm_tr->pHit))
+			if (FNullEnt(gfm_tr->pHit))
 				return -1;
 			return ENTINDEX(gfm_tr->pHit);
 			break;
--- a/modules/fakemeta/fm_tr2.cpp
+++ b/modules/fakemeta/fm_tr2.cpp
@ -99,7 +99,7 @@ static cell AMX_NATIVE_CALL set_tr2(AMX *amx, cell *params)
 	case TR_pHit:
 		{
 			edict_t *e = TypeConversion.id_to_edict(*ptr);
-			if (!e || FNullEnt(e))
+			if (*ptr != -1 && FNullEnt(e))
 				return 0; //TODO: return error
 			tr->pHit = e;
 			return 1;
@ -187,7 +187,7 @@ static cell AMX_NATIVE_CALL get_tr2(AMX *amx, cell *params)
 		}
 	case TR_pHit:
 		{
-			if (tr->pHit == NULL || FNullEnt(tr->pHit))
+			if (FNullEnt(tr->pHit))
 				return -1;
 			return ENTINDEX(tr->pHit);
 			break;
--- a/modules/fakemeta/misc.cpp
+++ b/modules/fakemeta/misc.cpp
@ -18,7 +18,7 @@ static cell AMX_NATIVE_CALL copy_infokey_buffer(AMX *amx, cell *params)
 {
 	char *infobuffer = reinterpret_cast<char *>(params[1]);

-	return MF_SetAmxString(amx, params[2], infobuffer, params[3]);
+	return MF_SetAmxString(amx, params[2], infobuffer ? infobuffer : "", params[3]);
 }

 // lookup_sequence(entid, "sequence name", &Float:framerate = 0.0, &bool:loops = false, &Float:groundspeed = 0.0);
--- a/modules/fakemeta/pdata.cpp
+++ b/modules/fakemeta/pdata.cpp
@ -32,18 +32,18 @@
 //implement these with setjmp later.
 bool IsBadReadPtr(void *l, size_t size)
 {
-	return false;
+	return l ? false : true;
 }
 bool IsBadWritePtr(void *l, size_t size)
 {
-	return false;
+	return l ? false : true;
 }
 #endif

 static cell AMX_NATIVE_CALL set_pdata_int(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset);
@ -65,7 +65,7 @@ static cell AMX_NATIVE_CALL set_pdata_int(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_int(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset);
@ -87,7 +87,7 @@ static cell AMX_NATIVE_CALL get_pdata_int(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_float(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset);
@ -109,7 +109,7 @@ static cell AMX_NATIVE_CALL set_pdata_float(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_float(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset);
@ -130,7 +130,7 @@ static cell AMX_NATIVE_CALL get_pdata_float(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_string(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset);
@ -167,7 +167,7 @@ static cell AMX_NATIVE_CALL get_pdata_string(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_string(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset);
@ -192,30 +192,35 @@ static cell AMX_NATIVE_CALL set_pdata_string(AMX *amx, cell *params)
 		szData = get_pdata_direct<char*>(pEdict, iOffset);
 		if (IsBadWritePtr(szData, 1))
 			return 0;
-		strcpy(szData, data);
 	} else {
 		szData = get_pdata<char*>(pEdict, iOffset);
 		if (IsBadWritePtr(szData, 1))
 			return 0;
-		if (params[4] == 1)
+
+		if (len > static_cast<int>(strlen(szData)))
 		{
-			free(szData);
-			szData = (char *)malloc(len + 1);
-		} else if (params[4] == 2) {
-			delete [] szData;
-			szData = new char[len + 1];
+			if (params[4] == 1)
+			{
+				free(szData);
+				szData = (char *)malloc(len + 1);
+			}
+			else if (params[4] == 2) {
+				delete[] szData;
+				szData = new char[len + 1];
+			}
+			set_pdata<char*>(pEdict, iOffset, szData);
 		}
-		strcpy(szData, data);
-		set_pdata<char*>(pEdict, iOffset, szData);
 	}

+	strncopy(szData, data, len + 1);
+
 	return 1;
 }

 static cell AMX_NATIVE_CALL get_pdata_ent(AMX *amx, cell *params)
 {
 	int index=params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int iOffset=params[2];
 	CHECK_OFFSET(iOffset); 
@ -256,7 +261,7 @@ static cell AMX_NATIVE_CALL get_pdata_ent(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_ent(AMX *amx, cell *params)
 {
 	int index  = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -282,7 +287,7 @@ static cell AMX_NATIVE_CALL set_pdata_ent(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_bool(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -303,7 +308,7 @@ static cell AMX_NATIVE_CALL get_pdata_bool(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_bool(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -328,7 +333,7 @@ static cell AMX_NATIVE_CALL set_pdata_bool(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_byte(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -349,7 +354,7 @@ static cell AMX_NATIVE_CALL get_pdata_byte(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_byte(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -374,7 +379,7 @@ static cell AMX_NATIVE_CALL set_pdata_byte(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_short(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -395,7 +400,7 @@ static cell AMX_NATIVE_CALL get_pdata_short(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_short(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -420,7 +425,7 @@ static cell AMX_NATIVE_CALL set_pdata_short(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_vector(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -449,7 +454,7 @@ static cell AMX_NATIVE_CALL get_pdata_vector(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_vector(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -476,7 +481,7 @@ static cell AMX_NATIVE_CALL set_pdata_vector(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_pdata_ehandle(AMX *amx, cell *params)
 {
 	int index = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
@ -524,7 +529,7 @@ static cell AMX_NATIVE_CALL get_pdata_ehandle(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_pdata_ehandle(AMX *amx, cell *params)
 {
 	int index  = params[1];
-	CHECK_ENTITY(index);
+	CHECK_ENTITY_PDATA(index);

 	int offset = params[2];
 	CHECK_OFFSET(offset);
--- a/modules/fakemeta/pdata_entities.cpp
+++ b/modules/fakemeta/pdata_entities.cpp
@ -18,7 +18,7 @@
 static cell AMX_NATIVE_CALL get_ent_data(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -33,7 +33,7 @@ static cell AMX_NATIVE_CALL get_ent_data(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_ent_data(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -57,7 +57,7 @@ static cell AMX_NATIVE_CALL set_ent_data(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_ent_data_float(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -72,7 +72,7 @@ static cell AMX_NATIVE_CALL get_ent_data_float(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_ent_data_float(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -90,7 +90,7 @@ static cell AMX_NATIVE_CALL set_ent_data_float(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_ent_data_vector(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -107,7 +107,7 @@ static cell AMX_NATIVE_CALL get_ent_data_vector(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_ent_data_vector(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -125,7 +125,7 @@ static cell AMX_NATIVE_CALL set_ent_data_vector(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_ent_data_entity(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -142,7 +142,7 @@ static cell AMX_NATIVE_CALL set_ent_data_entity(AMX *amx, cell *params)
 	int entity = params[1];
 	int value = params[4];

-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	if (value != -1)
 	{
@ -165,7 +165,7 @@ static cell AMX_NATIVE_CALL set_ent_data_entity(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL get_ent_data_string(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);
@ -190,7 +190,7 @@ static cell AMX_NATIVE_CALL get_ent_data_string(AMX *amx, cell *params)
 static cell AMX_NATIVE_CALL set_ent_data_string(AMX *amx, cell *params)
 {
 	int entity = params[1];
-	CHECK_ENTITY(entity);
+	CHECK_ENTITY_PDATA(entity);

 	TypeDescription data;
 	GET_TYPE_DESCRIPTION(2, data, CommonConfig);