- Use std::map for mapping vtables to interface objects, previously done with a set and a vector.
- Objects are no longer inline, which significantly reduced output code size as all redundant dynamic initializers (created for each translation unit) have been pruned.
The game's memalloc does not support memory expansion, the base expansion function couldn't be shadowed properly without linker errors. However we want to make sure no instances of it get compiled into the module, ever. Therefore, the duplicate symbol is kept in memoverride (_expand_base), and the only usage has been removed from LZHAM's 'lzham_mem'. If a linkage is attempted to anything utilizing '_expand', a linker error will be emitted and no image will be generated.
- Disable function inlining entirely, this allows for much easier hooking between engine and SDK code (the compiled code is now identical between engine and SDK, except that the SDK has all relevant security problems patched as per https://curl.se/docs/vuln-7.54.0.html).
- Enable buffer security checks to avoid potential remote attacks.
Previously, it was all controlled from the global init (applied to all projects), but some projects need different options. With these changes, you can disable the common options applied in the 'add_module' macro, and set your own if desired.
Merge: curl/curl@139a54ed0a
Note: protocol compare couldn't be added, as this would require adding a new member in the state structure, and therefore, break compatibility with the structures in the compiled executable (breaking the ability to hook any of its code). This fix should be sufficient however.
Merge: curl/curl@7214288898
Note: The 'CURLU' class does not exist in this particular version of curl, therefore, an alternative approach has been incorporated to mitigate the issue. Code has been tested, and the issue has been fixed.
Merge: curl/curl@69a358f218
Note: due to the many updates between the curl version this has been fixed in, and the one used in the SDK, the function was slightly different. The code has been tested however, after implementing the fix for this particular version of the library, the code appears to work perfectly with the vuln being fixed (tested on an FTP server with 10k files in the directory).
Merge: curl/curl@3c9e021f86
Note: Member order in 'connfind' has been left identical, except for that 'found' (now 'id_tofind') is a long. Code however, should pad it to a 4 byte boundary. Size of 'UrlState' has also remained unchanged, the 'connectdata' member has been renamed to 'lastconnect_id', and its type has been changed to 'long'. Additional padding has been incorporated to make sure the structure's size remains the same as that of the game, may we ever hook compiled code with ours.
2 warnings:
Operation 'lkup[arr[i] & 0xF] | 0x8000;' returns an int, but should return a unsigned short; added explicit cast.
Operation 'arr[i] & 0xF' could read up to 64 bytes, while the stack buffer is only 16 bytes. Switched to operation: ''arr[i] & 0x3'.
The static buffer has also been declare const now.
Function 'updateLeftFace' is static, and when 'REVERSE_DIRECTION' is set to 1, its not getting used anywhere leading to a compiler warning as it has internal linkage with no references, and thus its getting pruned. Only define the function when 'REVERSE_DIRECTION' is 0.
Treat them as errors globally. Most of the time a warning is a bug, or problem in code that could be solved in a different (better) manner. Thirdparty code have this disabled. The warnings as errors option can be globally disabled through the CMake GUI, but this is not recommended.
