empire/empserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

client: Fix rogue execute protection

Browse source 
To protect against a rogue server reading your files, the client
honors C_EXECUTE only when it matches recent player input.

This has a somewhat troubled history, detailed in the previous commit.

The remaining major issue comes from commit 8b7d0b9 (v4.3.11): any
suffix of a recent line of input is accepted as C_EXECUTE text.
Before, only text that looked like an argument of an execute command
or a redirection was accepted.

Fix by again requiring the text to be preceded by something that looks
like an execute command.  But do it more carefully: don't break
execute with a prompted for argument, and prevent abuse of
redirections for execute.

Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
This commit is contained in:
Markus Armbruster 2015-12-27 20:22:45 +01:00
parent d13950470a
commit 5cb14f508e
5 changed files with 83 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/client/ringbuf.h
View file

@ -27,7 +27,7 @@
* ringbuf.h: Simple ring buffer
*
* Known contributors to this file:
* Markus Armbruster, 2007
* Markus Armbruster, 2007-2015
*/
#ifndef RINGBUF_H
@ -59,7 +59,7 @@ extern int ring_getc(struct ring *);
extern int ring_putc(struct ring *, unsigned char);
extern int ring_putm(struct ring *, void *, size_t);
extern void ring_discard(struct ring *, int);
extern int ring_search(struct ring *, char *);
extern int ring_search(struct ring *, char *, int);
extern int ring_from_file(struct ring *, int fd);
extern int ring_to_file(struct ring *, int fd);