OU/CWE-ou-minkata
2
3
Fork 0
mirror of https://foundry.openuru.org/gitblit/r/CWE-ou-minkata.git synced 2025-07-14 02:27:40 -04:00
Code Releases Activity

Correctly allocate the NetVaultNode in pyVaultPlayerInfoListNode.

Browse Source 
The affected code was ported from H'uru where NetVaultNode has a zeroing
constructor. OU does not have a zeroing constructor for this class, and
instead assumes that all allocations will be done with NEWZERO (there is
a debug mode assertion to this effect). The result of the improper
allocation is that the node fields flag could be garbage, causing a
vault node with random contents to be written to the server.

Unfortunately, NetVaultNode::Read_LCS is not extremely resilient to
reading in unexpected data, so this may result in a crash.
This commit is contained in:
Adam Johnson
2021-10-02 00:55:10 -04:00
parent 34a5d24f79
commit 46bc8cca4d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Sources/Plasma/FeatureLib/pfPython/pyVaultPlayerInfoListNode.cpp
View File

@ -107,7 +107,7 @@ void pyVaultPlayerInfoListNode::AddPlayer( UInt32 playerID )
if (HasPlayer(playerID) || !fNode) if (HasPlayer(playerID) || !fNode)
return; return;
NetVaultNode* templateNode = new NetVaultNode(); NetVaultNode* templateNode = NEWZERO(NetVaultNode);
templateNode->IncRef(); templateNode->IncRef();
templateNode->SetNodeType(plVault::kNodeType_PlayerInfo); templateNode->SetNodeType(plVault::kNodeType_PlayerInfo);
VaultPlayerInfoNode access(templateNode); VaultPlayerInfoNode access(templateNode);