diff options
| author | Jesusaves <cpntb1@ymail.com> | 2024-07-30 23:51:05 -0300 |
|---|---|---|
| committer | Jesusaves <cpntb1@ymail.com> | 2024-07-30 23:51:05 -0300 |
| commit | f2ce515a90567d44e3b192127cbcb9a5d1aa4161 (patch) | |
| tree | f7d2496d16a122d4e399f2d705f69d2b30f4e49d | |
| parent | 72f0a9f81f3d99446877029a5e089d7f388c3959 (diff) | |
| download | serverdata-f2ce515a90567d44e3b192127cbcb9a5d1aa4161.tar.gz serverdata-f2ce515a90567d44e3b192127cbcb9a5d1aa4161.tar.bz2 serverdata-f2ce515a90567d44e3b192127cbcb9a5d1aa4161.tar.xz serverdata-f2ce515a90567d44e3b192127cbcb9a5d1aa4161.zip | |
[CVE] Unsanitized input via debugmes maybe can fire GM 99 commands.
It's logged, but still, I would rather not have this vulnerability.
(It might not even be a real issue, but who's going to risk it?!)
| -rw-r--r-- | npc/001-11/Demure.txt | 2 | ||||
| -rw-r--r-- | npc/002-3/nard.txt | 2 | ||||
| -rw-r--r-- | npc/commands/discord.txt | 2 | ||||
| -rw-r--r-- | npc/functions/main.txt | 10 |
4 files changed, 11 insertions, 5 deletions
diff --git a/npc/001-11/Demure.txt b/npc/001-11/Demure.txt index 656f3a7cc..b663e1876 100644 --- a/npc/001-11/Demure.txt +++ b/npc/001-11/Demure.txt @@ -46,7 +46,7 @@ if (!#VALENTINE_SENT) mesc l("(If you don't have anyone special to send these, send to @@. Perhaps they'll calm down with those T.T)", b("Monster King")), 3; input .@ref$; - //debugmes "Sending chocolate to: "+.@ref$; + //debugmes "Sending chocolate to: "+.@ref$; // [DO NOT UNCOMMENT] mes ""; if (.@ref$ != "") { .@ref=gf_accid(strip(.@ref$)); diff --git a/npc/002-3/nard.txt b/npc/002-3/nard.txt index 457af21f3..2a47e0090 100644 --- a/npc/002-3/nard.txt +++ b/npc/002-3/nard.txt @@ -120,7 +120,7 @@ L_Referral: do { input .@ref$; - //debugmes "Player invite: "+.@ref$; + //debugmes "Player invite: "+.@ref$; // [DO NOT UNCOMMENT] mes ""; if (.@ref$ != "") { .@ref=gf_accid(strip(.@ref$)); diff --git a/npc/commands/discord.txt b/npc/commands/discord.txt index dbde232bd..fd8d6ee1a 100644 --- a/npc/commands/discord.txt +++ b/npc/commands/discord.txt @@ -84,6 +84,8 @@ OnCall: mes ""; clear; mesc l("Linking the following Discord account:"); + replacestr(.@discord$, "\n", ""); // CVE + replacestr(.@discord$, "\\n", ""); // CVE mesc .@discord$, 1; mesc l("Is this correct?"); if (askyesno() == ASK_NO) close; diff --git a/npc/functions/main.txt b/npc/functions/main.txt index 6cc49229c..1065f35ed 100644 --- a/npc/functions/main.txt +++ b/npc/functions/main.txt @@ -522,13 +522,17 @@ function script Exception { if (.@gf & RB_DISPBOTTOM) dispbottom("ERROR: "+.@msg$); + if (.@gf & RB_SPEECH) + mesc("ERROR, REPORT ME! "+.@msg$, 1); + + // DO NOT send new lines to debug console [CVE] + replacestr(.@msg$, "\n", ""); // CVE + replacestr(.@msg$, "\\n", ""); // CVE + if (.@gf & RB_DEBUGMES) consolewarn(.@msg$); //debugmes("[Warning] "+.@msg$); - if (.@gf & RB_SPEECH) - mesc("ERROR, REPORT ME! "+.@msg$, 1); - if (.@gf & RB_IRCBROADCAST) channelmes("#world", "Error in script: "+.@msg$); |