Archives/OpenTTD-patches
2
0
Fork 0
mirror of https://github.com/JGRennison/OpenTTD-patches.git synced 2024-11-11 13:10:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

(svn r23598) -Fix: harden FormatString against abuse

Browse Source
This commit is contained in:
truebrain 2011-12-19 20:44:39 +00:00
parent e75153d8ac
commit f8203f09ca
1 changed files with 29 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
src/strings.cpp
View File

@ -940,7 +940,10 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
/* Tiny description of cargotypes. Layout: /* Tiny description of cargotypes. Layout:
* param 1: cargo type * param 1: cargo type
* param 2: cargo count */ * param 2: cargo count */
StringID cargo_str = CargoSpec::Get(args->GetInt32(SCC_CARGO_SHORT))->units_volume; CargoID cargo = args->GetInt32(SCC_CARGO_TINY);
if (cargo >= CargoSpec::GetArraySize()) break;
StringID cargo_str = CargoSpec::Get(cargo)->units_volume;
int64 amount = 0; int64 amount = 0;
switch (cargo_str) { switch (cargo_str) {
case STR_TONS: case STR_TONS:
@ -965,7 +968,10 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
/* Short description of cargotypes. Layout: /* Short description of cargotypes. Layout:
* param 1: cargo type * param 1: cargo type
* param 2: cargo count */ * param 2: cargo count */
StringID cargo_str = CargoSpec::Get(args->GetInt32(SCC_CARGO_SHORT))->units_volume; CargoID cargo = args->GetInt32(SCC_CARGO_SHORT);
if (cargo >= CargoSpec::GetArraySize()) break;
StringID cargo_str = CargoSpec::Get(cargo)->units_volume;
switch (cargo_str) { switch (cargo_str) {
case STR_TONS: { case STR_TONS: {
assert(_settings_game.locale.units < lengthof(_units)); assert(_settings_game.locale.units < lengthof(_units));
@ -995,6 +1001,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
case SCC_CARGO_LONG: { // {CARGO_LONG} case SCC_CARGO_LONG: { // {CARGO_LONG}
/* First parameter is cargo type, second parameter is cargo count */ /* First parameter is cargo type, second parameter is cargo count */
CargoID cargo = args->GetInt32(SCC_CARGO_LONG); CargoID cargo = args->GetInt32(SCC_CARGO_LONG);
if (cargo != CT_INVALID && cargo >= CargoSpec::GetArraySize()) break;
StringID cargo_str = (cargo == CT_INVALID) ? STR_QUANTITY_N_A : CargoSpec::Get(cargo)->quantifier; StringID cargo_str = (cargo == CT_INVALID) ? STR_QUANTITY_N_A : CargoSpec::Get(cargo)->quantifier;
StringParameters tmp_args(*args, 1); StringParameters tmp_args(*args, 1);
buff = GetStringWithArgs(buff, cargo_str, &tmp_args, last); buff = GetStringWithArgs(buff, cargo_str, &tmp_args, last);
@ -1091,7 +1099,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_COMPANY_NAME: { // {COMPANY} case SCC_COMPANY_NAME: { // {COMPANY}
const Company *c = Company::Get((CompanyID)args->GetInt32()); const Company *c = Company::GetIfValid(args->GetInt32());
if (c == NULL) break;
if (c->name != NULL) { if (c->name != NULL) {
buff = strecpy(buff, c->name, last); buff = strecpy(buff, c->name, last);
@ -1136,10 +1145,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_ENGINE_NAME: { // {ENGINE} case SCC_ENGINE_NAME: { // {ENGINE}
EngineID engine = (EngineID)args->GetInt32(SCC_ENGINE_NAME); const Engine *e = Engine::GetIfValid(args->GetInt32(SCC_ENGINE_NAME));
const Engine *e = Engine::Get(engine); if (e == NULL) break;
assert(e != NULL);
if (e->name != NULL && e->IsEnabled()) { if (e->name != NULL && e->IsEnabled()) {
buff = strecpy(buff, e->name, last); buff = strecpy(buff, e->name, last);
@ -1151,9 +1158,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_GROUP_NAME: { // {GROUP} case SCC_GROUP_NAME: { // {GROUP}
const Group *g = Group::Get(args->GetInt32()); const Group *g = Group::GetIfValid(args->GetInt32());
if (g == NULL) break;
assert(g != NULL);
if (g->name != NULL) { if (g->name != NULL) {
buff = strecpy(buff, g->name, last); buff = strecpy(buff, g->name, last);
@ -1167,10 +1173,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_INDUSTRY_NAME: { // {INDUSTRY} case SCC_INDUSTRY_NAME: { // {INDUSTRY}
const Industry *i = Industry::Get(args->GetInt32(SCC_INDUSTRY_NAME)); const Industry *i = Industry::GetIfValid(args->GetInt32(SCC_INDUSTRY_NAME));
if (i == NULL) break;
/* industry not valid anymore? */
assert(i != NULL);
/* First print the town name and the industry type name. */ /* First print the town name and the industry type name. */
int64 args_array[2] = {i->town->index, GetIndustrySpec(i->type)->name}; int64 args_array[2] = {i->town->index, GetIndustrySpec(i->type)->name};
@ -1182,7 +1186,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_PRESIDENT_NAME: { // {PRESIDENT_NAME} case SCC_PRESIDENT_NAME: { // {PRESIDENT_NAME}
const Company *c = Company::Get((CompanyID)args->GetInt32(SCC_PRESIDENT_NAME)); const Company *c = Company::GetIfValid(args->GetInt32(SCC_PRESIDENT_NAME));
if (c == NULL) break;
if (c->president_name != NULL) { if (c->president_name != NULL) {
buff = strecpy(buff, c->president_name, last); buff = strecpy(buff, c->president_name, last);
@ -1231,9 +1236,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_TOWN_NAME: { // {TOWN} case SCC_TOWN_NAME: { // {TOWN}
const Town *t = Town::Get(args->GetInt32(SCC_TOWN_NAME)); const Town *t = Town::GetIfValid(args->GetInt32(SCC_TOWN_NAME));
if (t == NULL) break;
assert(t != NULL);
if (t->name != NULL) { if (t->name != NULL) {
buff = strecpy(buff, t->name, last); buff = strecpy(buff, t->name, last);
@ -1244,9 +1248,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_WAYPOINT_NAME: { // {WAYPOINT} case SCC_WAYPOINT_NAME: { // {WAYPOINT}
Waypoint *wp = Waypoint::Get(args->GetInt32(SCC_WAYPOINT_NAME)); Waypoint *wp = Waypoint::GetIfValid(args->GetInt32(SCC_WAYPOINT_NAME));
if (wp == NULL) break;
assert(wp != NULL);
if (wp->name != NULL) { if (wp->name != NULL) {
buff = strecpy(buff, wp->name, last); buff = strecpy(buff, wp->name, last);
@ -1261,9 +1264,8 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_VEHICLE_NAME: { // {VEHICLE} case SCC_VEHICLE_NAME: { // {VEHICLE}
const Vehicle *v = Vehicle::Get(args->GetInt32(SCC_VEHICLE_NAME)); const Vehicle *v = Vehicle::GetIfValid(args->GetInt32(SCC_VEHICLE_NAME));
if (v == NULL) break;
assert(v != NULL);
if (v->name != NULL) { if (v->name != NULL) {
buff = strecpy(buff, v->name, last); buff = strecpy(buff, v->name, last);
@ -1286,7 +1288,9 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg
} }
case SCC_SIGN_NAME: { // {SIGN} case SCC_SIGN_NAME: { // {SIGN}
const Sign *si = Sign::Get(args->GetInt32()); const Sign *si = Sign::GetIfValid(args->GetInt32());
if (si == NULL) break;
if (si->name != NULL) { if (si->name != NULL) {
buff = strecpy(buff, si->name, last); buff = strecpy(buff, si->name, last);
} else { } else {