R5Reloaded/r5sdk
1
0
Fork 0
mirror of https://github.com/Mauler125/r5sdk.git synced 2025-02-09 19:15:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Engine: properly handle under/overflows in CL_CopyExistingEntity

Browse Source 
The engine expects the pbError parameter to be set when there is an error. Also call Host_Error to let the user know why we errored out.
This commit is contained in:
Kawe Mazidjatari 2024-11-24 12:03:08 +01:00
parent 10b466bde7
commit 2128b0ad04
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/engine/client/cl_ents_parse.cpp
View File

@ -6,6 +6,7 @@
//=============================================================================//
#include "core/stdafx.h"
#include "public/const.h"
#include "engine/host.h"
#include "engine/client/cl_ents_parse.h"
bool CL_CopyExistingEntity(CEntityReadInfo* const u, unsigned int* const iClass, bool* const pbError)
@ -19,6 +20,9 @@ bool CL_CopyExistingEntity(CEntityReadInfo* const u, unsigned int* const iClass,
// full-chain RCE exploit. We hook and perform
// sanity checks for the value of m_nNewEntity
// here to prevent this behavior from happening.
Host_Error("CL_CopyExistingEntity: u.m_nNewEntity < 0 || u.m_nNewEntity >= MAX_EDICTS");
*pbError = true;
return false;
}