empire/empserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

(nat_ca, cou_ca, ef_init_srv, xdvisible): Plug major information leak:

Browse source 
nat_ca[] was designed for visibility to the owner only, while cou_ca[]
was designed for the public.  xdvisible() implemented that for xdump.
But selectors don't care for that!  Since nat_ca[] applies to
EF_NATION, it must be for public visibility.  Broken in 4.2.21.  Fix
by exchanging contents of nat_ca[] and and cou_ca[].  This breaks
clients relying on xdump.
This commit is contained in:
Markus Armbruster 2006-05-22 20:59:11 +00:00
parent 548bc5bbdc
commit 93b6a54356
3 changed files with 11 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/lib/commands/xdump.c
View file

@ -215,9 +215,9 @@ xdvisible(int type, void *p)
case EF_LOST: case EF_LOST:
return gp->own != 0 && (gp->own == player->cnum || player->god); return gp->own != 0 && (gp->own == player->cnum || player->god);
case EF_NATION: case EF_NATION:
return gp->own == player->cnum;
case EF_COUNTRY:
return ((struct natstr *)p)->nat_stat != STAT_UNUSED; return ((struct natstr *)p)->nat_stat != STAT_UNUSED;
case EF_COUNTRY:
return gp->own == player->cnum;
case EF_NEWS: case EF_NEWS:
return ((struct nwsstr *)p)->nws_vrb != 0 return ((struct nwsstr *)p)->nws_vrb != 0
&& (!opt_HIDDEN || player->god); /* FIXME */ && (!opt_HIDDEN || player->god); /* FIXME */

8
src/lib/global/nsc.c
View file

@ -485,14 +485,14 @@ struct castr trade_ca[] = {
{NSC_NOTYPE, 0, 0, 0, NULL, EF_BAD} {NSC_NOTYPE, 0, 0, 0, NULL, EF_BAD}
}; };
struct castr nat_ca[] = { struct castr cou_ca[] = {
/* /*
* This is the owner's view, i.e. it applies only to the own * This is the owner's view, i.e. it applies only to the own
* nation. The public view cou_ca[], which applies to all * nation. The public view nat_ca[], which applies to all
* nations, has the same selectors with different flags: NSC_DEITY * nations, has the same selectors with different flags: NSC_DEITY
* is set except for cnum (which must come first) and all * is set except for cnum (which must come first) and all
* NSC_EXTRA selectors, NSC_EXTRA is cleared. * NSC_EXTRA selectors, NSC_EXTRA is cleared.
* cou_ca[] should also make tech, research, education and * nat_ca[] should also make tech, research, education and
* happiness available, but we can't express the obfuscation * happiness available, but we can't express the obfuscation
* necessary for foreign levels. * necessary for foreign levels.
*/ */
@ -543,7 +543,7 @@ struct castr nat_ca[] = {
{NSC_NOTYPE, 0, 0, 0, NULL, EF_BAD} {NSC_NOTYPE, 0, 0, 0, NULL, EF_BAD}
}; };
struct castr cou_ca[sizeof(nat_ca) / sizeof(*nat_ca)]; struct castr nat_ca[sizeof(cou_ca) / sizeof(*cou_ca)];
/* initialized in ef_init_srv() */ /* initialized in ef_init_srv() */
struct castr realm_ca[] = { struct castr realm_ca[] = {

10
src/lib/subs/fileinit.c
View file

@ -71,16 +71,16 @@ ef_init_srv(void)
empfile[fileinit[i].ef_type].prewrite = fileinit[i].prewrite; empfile[fileinit[i].ef_type].prewrite = fileinit[i].prewrite;
} }
for (i = 0; nat_ca[i].ca_name; i++) { for (i = 0; cou_ca[i].ca_name; i++) {
cou_ca[i] = nat_ca[i]; nat_ca[i] = cou_ca[i];
flags = cou_ca[i].ca_flags | NSC_CONST; flags = nat_ca[i].ca_flags | NSC_CONST;
if (flags & NSC_EXTRA) if (flags & NSC_EXTRA)
flags &= ~NSC_EXTRA; flags &= ~NSC_EXTRA;
else if (i != 0) else if (i != 0)
flags |= NSC_DEITY; flags |= NSC_DEITY;
cou_ca[i].ca_flags = flags; nat_ca[i].ca_flags = flags;
} }
cou_ca[i] = nat_ca[i]; nat_ca[i] = cou_ca[i];
ef_open_srv(); ef_open_srv();
if (ef_verify() < 0) if (ef_verify() < 0)