OU
/
CWE-ou-minkata
mirror of https://foundry.openuru.org/gitblit/r/CWE-ou-minkata.git
2
1
Fork 0
Code Releases Activity
Browse Source

Correctly allocate the NetVaultNode in pyVaultPlayerInfoListNode. 

The affected code was ported from H'uru where NetVaultNode has a zeroing
constructor. OU does not have a zeroing constructor for this class, and
instead assumes that all allocations will be done with NEWZERO (there is
a debug mode assertion to this effect). The result of the improper
allocation is that the node fields flag could be garbage, causing a
vault node with random contents to be written to the server.

Unfortunately, NetVaultNode::Read_LCS is not extremely resilient to
reading in unexpected data, so this may result in a crash.
tickets/23/23/1
Adam Johnson 3 years ago
parent
34a5d24f79
commit
46bc8cca4d
Signed by: Hoikas
GPG Key ID: 0B6515D6FF6F271E
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      Sources/Plasma/FeatureLib/pfPython/pyVaultPlayerInfoListNode.cpp

2
Sources/Plasma/FeatureLib/pfPython/pyVaultPlayerInfoListNode.cpp
Unescape View File

@ -107,7 +107,7 @@ void pyVaultPlayerInfoListNode::AddPlayer( UInt32 playerID )
if (HasPlayer(playerID) || !fNode)
return;
NetVaultNode* templateNode = new NetVaultNode();
NetVaultNode* templateNode = NEWZERO(NetVaultNode);
templateNode->IncRef();
templateNode->SetNodeType(plVault::kNodeType_PlayerInfo);
VaultPlayerInfoNode access(templateNode);

Write Preview
Loading…
Cancel
Save