Rebuild CClientState::ProcessCreateStringTable() and add notes for multiple 'potential' exploit vectors that are currently in place. Also add wrappers for compressing/decompressing net packets.
Originally, we store the search results in a CMemory instance which we then assign to the actual function pointer. CMemory is just a pointer class; we can assign the results directly to the actual function pointer. This commit reduces a lot of code verbosity, and also reduced roughly 2KiB worth of static pointers in the resulting executable. This commit also officially deprecates the support for any GameDLL's below S3 (Season 3), since it makes more sense to port the assets from earlier/later games back to the version this SDK supports.
Utilize the new IDetour::DetourSetup() code, IDetour::Attach and IDetour::Detach have been removed in favor of this (significantly reduces chance of user error). Since the template check happens in the idetour header, it is much more aggressive on type mismatches, such as a difference in parameter types, between the function and detour, will now raise a compile time error. As a result, some type mismatches have been fixed in this commit as well.
Only block 'CLC_SetPlaylistVarOverride' messages when cheats are disabled. The server still needs to be able to override client playlist vars (using 'SVC_PlaylistOverrides'). This isn't a problem, as on any disconnect, the client will reload its own bundled copy.
This commit fixes an engine bug where netmessages are getting copied into the replay buffer, while these messages should never be replayed. The engine performs an internal check on 'CNetMessage::m_nGroup', and if its NOT 2, the message is getting copied into the replay buffer. All messages returning false in 'ShouldReplayMessage' are not getting copied into the replay buffer anymore. This exploit has been used in the past to route clients that were watching a replay to an arbitrary server, which essentially forms an info leak as the client attempts to connect to the arbitrary server on its own. The exploit also allows for some form of remote code execution, depending on if the client was launched in developer mode or not.
Rebuilds SV_BroadcastVoiceData with an additional check of "sv_alltalk" cvar to disable team checking, allowing for servers to enable global voice chat
Fix exploitation vector that could be performed on the game client to submit commands to other game clients connected to the same server, specifically the 'OnPlayerAward' command. Base_CmdKeyValues now only works when sv_cheats is enabled. SVC/CLC_CmdKeyValues subclass 'Base_CmdKeyValues', so these messages are 'fixed' as well.
This change was planned for a long time. This moves all REGISTER calls to a single translation unit, this is required as we currently added a very dirty workaround for not registering duplicates by checking if VFTable pointer was already present in the vector... Registering from single translation unit prevents duplicate instances that gets created if header is included by more cpp files.
Reworking this reduced 100kb+ of compiled code. This commit also reworked the way functions/variables/constant gets logged with their addresses; the new code formats them on the fly, and allows for resize at any time. Formatting is no longer required by programmer.
TODO: currently there are some compile errors for dedicated and client dll's. These will be resolved very soon as they need to be properly worked out still (server & client only stuff needs to be properly split). Use the 'main' (stable) branch for the time being if you need to compile these dll's.
Client's can run string commands on the server with no rate limit. This means when you run 50k+ commands that are unknown, or spam 30k 'status' commands, you will be able to hang the server for 800/1200ms (15k/30kms if script printing to console is enabled!). Although the netchan processing budget system will kick you, the damage has already been done at this point. This change effectively breaks the ability to DOS the server from the client using networked string commands.
In easier words; binding 'status' to your mousewheel will get you kicked from the server, without hitching the server.
* Use proper types reflecting assembly from the engine in 'CBitRead::Seek' (some values are 64bit, either changed by Respawn or the compiler used by Respawn).
* Confirmed changes made to NETMSG_TYPE_BITS (now 511 instead of 255) and NETMSG_LENGTH_BITS (now 12 which is 511 max instead of 255).
* Confirmed msg HUD types.
* Enforce NET_MIN_MESSAGE on 'SVC_UserMessage::Process'.
* Remove unnecessary padding and add proper symbols where padding was actually used.
Removed padding that was causing the structure to misalign with the game's one.
Enabled 'SVC_UserMessage::Process()' hook (function works properly after the structure alignment).
* Rebuild SetRestrictedServerCommand and SetRestrictedClientCommands
* Implemented new CMemory Function to walk through a VTable.
* pDetours->GetCon() gets called first now.
*
* Added new function to CMemory allowing you to hook a virtual method from a virtual method table.
* Added SVC_Print Class
* Hooked SVC_Print::Process and print the messages the server sends.
*!! Still needs verification for earlier seasons.
Moved every pattern to IDetour interface. This allows for debugging patterns scans more easily, and create threads during pattern searching (Operation is now fired in APIENTRY).
Also cleaned up some unused code/extraneous comments.
Slightly increased performance by purging duplicate patterns.
Made variable search less dependent from other results (except if pattern-to-scan results is within the same header)
Migrating to this to initialize all patterns and prototypes in Systems_Init() instead.
This should make debugging missing/not found patterns easier and allow for opting out variable/constant search (some of these require other patterns to be found, thus resulting in seg faults..).
Also added check to detect if user has a eligible CPU to run this SDK.
The game requires SSE and SSE2 instruction sets. Our SDK requires this too due to the use of SSE intrinsics, so we cannot let the game handle this. We have to check it ourselves.
* Move most definitions to implementation file to avoid recompiling whole program for small changes
* Pass strings by reference for where possible.
* Split Module class to dedicated file.
* Add const qualifiers to all eligible methods for address/module class
* Some renaming
Inline every signature defined in the SDK (previously each translation unit had its own copy of the signature and function prototype). DLL init is near instant now (85% speed improvements).
* Adapt codebase to new class to reduce rune-like code.
* Fixed several bugs where the global CClient pointer was used instead of the instance in question to issue bans and display information about a certain client in CBanSystem and Pylon.
* Upgraded CBanSystem and Pylon to use IPv6 instead (including IPv4 mapped IPv6 addresses). This breaks all existing banlist files! All bans have to be re-issued or the existing file has to be updated to use IPv4 mapped IPv6 addresses and renamed to 'banlist.json', and moved to the root of the 'platform' folder.
