2615 Commits

Author SHA1 Message Date
Kawe Mazidjatari
b7cca52067 Fix CVE-2021-22876
Merge: curl/curl@7214288898
Note: The 'CURLU' class does not exist in this particular version of curl, therefore, an alternative approach has been incorporated to mitigate the issue. Code has been tested, and the issue has been fixed.
2023-06-13 09:45:16 +02:00
Kawe Mazidjatari
d177ecdb0a Fix CVE-2020-8286
Merge: curl/curl@d9d0167278
2023-06-13 01:35:15 +02:00
Kawe Mazidjatari
c38a5f214f Fix CVE-2020-8285
Merge: curl/curl@69a358f218
Note: due to the many updates between the curl version this has been fixed in and the one used in the SDK, the function was slightly different. The code has been tested, however; after implementing the fix for this particular version of the library, the code appears to work perfectly, with the vuln being fixed (tested on an FTP server with 10k files in the directory).
2023-06-13 00:38:35 +02:00
Kawe Mazidjatari
5a9711878b Fix CVE-2020-8284
Merge: curl/curl@ec9cc725d5
2023-06-12 22:26:53 +02:00
Kawe Mazidjatari
d10b544f74 Fix CVE-2020-8231
Merge: curl/curl@3c9e021f86
Note: Member order in 'connfind' has been left identical, except that 'found' (now 'id_tofind') is a long. The code, however, should pad it to a 4 byte boundary. The size of 'UrlState' has also remained unchanged; the 'connectdata' member has been renamed to 'lastconnect_id', and its type has been changed to 'long'. Additional padding has been incorporated to make sure the structure's size remains the same as that of the game, should we ever hook compiled code with ours.
2023-06-12 22:20:39 +02:00
Kawe Mazidjatari
0ac029e1c0 Fix CVE-2019-5481
Merge: curl/curl@9069838b30
2023-06-12 21:36:38 +02:00
Kawe Mazidjatari
0920fb834a Fix CVE-2019-5482
Merge: curl/curl@facb0e4662
2023-06-12 21:34:01 +02:00
Kawe Mazidjatari
5e68af6eb5 Fix CVE-2019-5436
Merge: curl/curl@2576003415
2023-06-12 21:22:22 +02:00
Kawe Mazidjatari
fa05fbd1aa Fix CVE-2018-16890
Merge: curl/curl@b780b30d13
2023-06-12 20:51:12 +02:00
Kawe Mazidjatari
52d8ef5719 Fix CVE-2019-3822
Merge: curl/curl@50c9484278
2023-06-12 20:48:21 +02:00
Kawe Mazidjatari
46f11218c6 Fix 'CVE-2019-3823'
Merge: curl/curl@39df4073e5
2023-06-12 20:44:02 +02:00
Kawe Mazidjatari
a022f81bc4 Fix 'CVE-2018-16839'
Merge: curl/curl@f3a24d7916
2023-06-12 20:37:57 +02:00
Kawe Mazidjatari
1e4843fda3 Fix 'CVE-2018-14618'
Merge: curl/curl@8c7b3737d2
2023-06-12 20:27:51 +02:00
Kawe Mazidjatari
6c34f8dc4e Fix 'CVE-2018-1000301'
Merge: curl/curl@8c7b3737d2
2023-06-12 20:17:01 +02:00
Kawe Mazidjatari
2aee31375f Fix 'CVE-2018-1000122'
Merge: curl/curl@d52dc4760f
2023-06-12 20:13:24 +02:00
Kawe Mazidjatari
6069e9f00b Fix 'CVE-2018-1000121'
Merge: curl/curl@9889db0433
2023-06-12 20:09:12 +02:00
Kawe Mazidjatari
2739ff3a7d Fix 'CVE-2018-1000120'
Merge: curl/curl@535432c0ad
2023-06-12 20:06:31 +02:00
Kawe Mazidjatari
f3b27f66bb Fix 'CVE-2018-1000007'
Merge: curl/curl@af32cd3859
2023-06-12 19:56:24 +02:00
Kawe Mazidjatari
2905bcad53 Fix 'CVE-2018-1000005'
Merge: curl/curl@fa3dbb9a14
2023-06-12 19:47:37 +02:00
Kawe Mazidjatari
d000c0c3b3 Fix 'CVE-2017-8817'
Merge: curl/curl@0b664ba968
2023-06-12 19:44:01 +02:00
Kawe Mazidjatari
e48b68e870 Fix 'CVE-2017-8816'
Merge: curl/curl@7f2a1df6f5
2023-06-12 19:36:18 +02:00
Kawe Mazidjatari
bc2a6ae586 Fix 'CVE-2017-1000257'
Merge: curl/curl@13c9a9ded3
2023-06-12 19:33:12 +02:00
Kawe Mazidjatari
c6ee89d1a4 Fix 'CVE-2017-1000254'
Merge: curl/curl@5ff2c5ff25
2023-06-12 19:30:53 +02:00
Kawe Mazidjatari
e6cb575586 Fix 'CVE-2017-9502'
Merge: curl/curl@5d7952f52e
2023-06-12 19:22:14 +02:00
Kawe Mazidjatari
4368210a5c Fix 'CVE-2017-1000100'
Merge: curl/curl@358b2b131a
2023-06-12 19:13:50 +02:00
Kawe Mazidjatari
975c40876a CModule and CMemory class improvements
This commit significantly reduces output code size and brings a noticeable increase in performance. Changes are:
- Removed all extraneous std::string and std::vector copy constructions; use raw pointers instead to boost performance.
- Marked simple getters in CModule inline.
- Marked several functions in CModule const.
- Slightly reordered CModule class.
- 'CMemory::CheckOpCodes' and 'CMemory::Patch' now take a const reference.
2023-06-12 18:40:16 +02:00
Kawe Mazidjatari
c874b7c4d8 Implement 'SVC_UserMessage' print handler properly
Check if the actual message type is 'TextMsg' before printing, since other data is binary and could be read as 'HUD_PRINTCONSOLE', 'HUD_PRINTCENTER', etc., resulting in printing binary data. This fix permanently solves that problem. The check has also been applied to the 'ShouldReplayMessage' function.
2023-06-12 02:02:29 +02:00
Kawe Mazidjatari
4290b08fd0 Fix desync in CUtlbuffer::ParseToken in assembled code
See commit 4969a840300bbafbc5a47f06fef41751a5620fc9, the same fix has been applied to the game executable.
2023-06-07 22:15:28 +02:00
Kawe Mazidjatari
4969a84030 Fix desync in CUtlbuffer::ParseToken
The if statement comparing 'nLen' with 'nMaxLen' increments 'nLen' first at all times, but the statement below that checks the delimiters seeks -1 from current pos, causing a desync. This could result in reading arbitrary memory on certain strings. This fix also fixes the useless need to 'snag' the delimiters from tokens.
2023-06-07 21:21:55 +02:00
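The two commits above (4969a84030 and 4290b08fd0) describe a tokenizer whose length counter and delimiter lookback drifted apart, turning a long token into an out-of-bounds read. The block below is an added example written for this page, not the SDK's CUtlBuffer::ParseToken: it shows the invariant a safe ParseToken-style routine keeps (the byte just read is tested as the delimiter, the length counter only ever counts bytes actually written, and the room check happens before the write). The type and function names carry an "Example" suffix because they are assumptions, and the input strings in the helpers are constructed for the demo.

```cpp
// Added example, not R5SDK code. Illustrates a bounds-checked token parser
// in the spirit of the ParseToken desync fix; all names are hypothetical.
#include <cstddef>
#include <cstring>
#include <string>
#include <vector>

// 256-entry delimiter lookup, similar in purpose to a characterset_t.
struct CharSetExample {
    bool set[256] = {};
    explicit CharSetExample(const char* delims) {
        for (; *delims; ++delims) set[(unsigned char)*delims] = true;
    }
    bool Contains(char c) const { return set[(unsigned char)c]; }
};

// Minimal cursor over a byte buffer (stands in for the buffer object).
struct ReaderExample {
    const char* data;
    size_t size;
    size_t pos = 0;
    bool Valid() const { return pos < size; }
    char GetChar() { return data[pos++]; }
};

// Copies the next token into pTokenBuf, always NUL-terminated.
// nLen is the number of bytes written so far and is compared against
// nMaxLen BEFORE each write; the delimiter test is made on the byte that
// was just read, so there is no "seek -1" that can disagree with nLen.
// Delimiters are consumed but never copied into the token.
// Returns the token length, or -1 if it would not fit in nMaxLen-1 bytes.
int ParseTokenExample(ReaderExample& r, const CharSetExample& breaks,
                      char* pTokenBuf, int nMaxLen) {
    if (nMaxLen <= 0) return -1;
    int nLen = 0;
    // Skip leading delimiters without writing anything.
    while (r.Valid() && breaks.Contains(r.data[r.pos])) r.pos++;
    while (r.Valid()) {
        char c = r.GetChar();
        if (breaks.Contains(c)) break;          // delimiter: token ends here
        if (nLen >= nMaxLen - 1) {              // no room left for c + NUL
            r.pos--;                            // leave c unread
            pTokenBuf[nLen] = '\0';
            return -1;                          // refuse, never overrun
        }
        pTokenBuf[nLen++] = c;
    }
    pTokenBuf[nLen] = '\0';
    return nLen;
}

// Helper: tokenize a whole string with a caller-chosen token buffer size.
// Stops at the first token that does not fit, so callers can see truncation.
std::vector<std::string> TokenizeExample(const char* input, const char* delims,
                                         int maxLen) {
    ReaderExample r{input, std::strlen(input)};
    CharSetExample breaks(delims);
    std::vector<std::string> out;
    std::string tok(maxLen, '\0');
    while (r.Valid()) {
        int n = ParseTokenExample(r, breaks, &tok[0], maxLen);
        if (n < 0) break;
        if (n > 0) out.emplace_back(tok.c_str(), n);
    }
    return out;
}

// Helper: return value of ParseTokenExample for the first token only.
int FirstTokenLenExample(const char* input, const char* delims, int maxLen) {
    ReaderExample r{input, std::strlen(input)};
    CharSetExample breaks(delims);
    std::string tok(maxLen, '\0');
    return ParseTokenExample(r, breaks, &tok[0], maxLen);
}
```

The important property is that `nLen` can never exceed `nMaxLen - 1` at the moment of a write and that the delimiter decision is taken on the byte in hand rather than by re-reading the buffer at a separately maintained offset; keeping those two pieces of state from diverging is what the commit's fix is about.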
Kawe Mazidjatari
a2468bb184 Normalize view angles in client's usercmd
Must be normalized, bad values (NAN or FLT_MAX) will crash the game. There is more that needs to be clamped, but before we can do this CUserCmd has to be reversed more.
2023-06-06 00:53:05 +02:00
Kawe Mazidjatari
70f89c1bd8 Fix incorrect ConVar string assignment in executable
This ConVar's name was set to its helpstring. This patch solves it by assigning the name field to an existing string that makes sense, and moving the helpstring into the actual helpstring field. An additional instruction has been inserted to load the NULL string address into RAX, which required light instruction shifting. After performing this patch, the ConVar could now be set in the console.
2023-06-05 10:27:23 +02:00
Kawe Mazidjatari
2ae8a74ad9 Remove duplicate call to 'CNetChan::SetChoked()'
Should only be called if client is active.
2023-06-05 08:07:04 +02:00
Kawe Mazidjatari
8e1019a265 Make simple CNetAdr methods inline
Should be inline for their simplicity to improve performance.
2023-06-05 01:45:33 +02:00
Kawe Mazidjatari
4ed2e7a12a Mark as const
Mark as const.
2023-06-05 01:37:00 +02:00
Kawe Mazidjatari
11fd49efde Fix speed hack exploit
The frame time sent from CL_Move is not sanitized on the server; clamp it to the same cvars the client is clamping them to so players busting out the clamps cannot speed hack. The values are replicated between the server and client, so if someone wants to tweak the values, it won't mess up on either the server or client.
2023-06-05 01:24:23 +02:00
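Commits a2468bb184 (normalize view angles in the client's usercmd) and 11fd49efde (clamp the client-supplied frame time on the server) both treat the usercmd as untrusted input. The block below is an added example, not R5SDK code, showing what that sanitization looks like when written out: non-finite angles are replaced, finite angles are wrapped into [-180, 180), and the frame time is clamped to bounds that the real code would read from the replicated cvars. The struct layout, the bound values and every name with an "Example" suffix are assumptions made for the demo.

```cpp
// Added example, not R5SDK code. Server-side sanitization of a
// client-supplied usercmd; names, layout and bounds are hypothetical.
#include <cfloat>
#include <cmath>

struct UserCmdExample {
    float frametime;      // seconds, as sent by the client from CL_Move
    float viewangles[3];  // pitch, yaw, roll in degrees
};

// Placeholder bounds. The page says the real limits live in cvars that are
// replicated between client and server; these constants stand in for them.
constexpr float kMinFrameTimeExample = 1.0f / 1000.0f;  // 1000 Hz
constexpr float kMaxFrameTimeExample = 1.0f / 10.0f;    // 10 Hz

// Wrap an angle into [-180, 180). NaN and infinities cannot be normalized,
// so they are replaced with 0 instead of reaching the movement code.
// FLT_MAX is finite and simply wraps like any other large value.
inline float NormalizeAngleExample(float a) {
    if (!std::isfinite(a)) return 0.0f;
    a = std::fmod(a, 360.0f);        // fmod is exact, result in (-360, 360)
    if (a >= 180.0f) a -= 360.0f;
    if (a < -180.0f) a += 360.0f;
    return a;
}

// Clamp the frame time to the same window the client is supposed to
// respect. A NaN or infinite value is treated as the smallest legal step
// rather than being passed through a comparison that NaN would defeat.
inline float ClampFrameTimeExample(float ft) {
    if (!std::isfinite(ft)) return kMinFrameTimeExample;
    if (ft < kMinFrameTimeExample) return kMinFrameTimeExample;
    if (ft > kMaxFrameTimeExample) return kMaxFrameTimeExample;
    return ft;
}

// Sanitizes cmd in place. Returns true if anything had to be corrected
// (a useful signal for logging or for counting suspicious clients),
// false if the command was already within bounds.
bool SanitizeUserCmdExample(UserCmdExample& cmd) {
    bool changed = false;
    const float ft = ClampFrameTimeExample(cmd.frametime);
    if (ft != cmd.frametime) {       // NaN != NaN, so NaN is caught here too
        cmd.frametime = ft;
        changed = true;
    }
    for (float& a : cmd.viewangles) {
        const float n = NormalizeAngleExample(a);
        if (n != a) {
            a = n;
            changed = true;
        }
    }
    return changed;
}

// Convenience wrappers so the result of a single sanitized command can be
// inspected without constructing the struct at the call site.
float SanitizedFrameTimeExample(float ft) {
    UserCmdExample c{ft, {0.0f, 0.0f, 0.0f}};
    SanitizeUserCmdExample(c);
    return c.frametime;
}

float SanitizedYawExample(float yaw) {
    UserCmdExample c{0.01f, {0.0f, yaw, 0.0f}};
    SanitizeUserCmdExample(c);
    return c.viewangles[1];
}
```

Because the clamp is applied on the server with the same bounds the client uses, a client that patches its own clamp out gains nothing; the commit message's point about replicated values is what keeps the two sides from disagreeing when an operator tunes them.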
Kawe Mazidjatari
9f2b1b1bb5 Improve CL_Move rebuild
Ported the logic from the more recent builds into the SDK rebuild. Note that this isn't all that has changed in the live builds, but these were the only things worth porting back. Frame times are now properly clamped on the client. Some testing revealed that the movement now feels identical to the live version of the game, which was the target. This commit also fixes a bug in CL_Move where the datagram was not sent, and the next cmd time wasn't set, if the client was NOT active, while it should have been.
2023-06-05 00:27:36 +02:00
Kawe Mazidjatari
671528cb2b Add max backup commands defines
In R5, it's 4 bits for backup commands.
2023-06-04 22:00:15 +02:00
Kawe Mazidjatari
bba1cdd8b2 Fix dedicated server compile errors
These files should have been placed into the client only group.
2023-06-04 11:19:30 +02:00
Kawe Mazidjatari
1afa75fec3 Fix >190FPS input system/simulation problems
Function 'CL_Move' has been fully rebuilt in the SDK. Originally, the game checked if the delta time exceeded an amount defined by an immediate value, and dropped usercmds if that was the case. This logic has been replaced with a more dynamic solution, and the console variable regulating this ('fps_input_max') is set to 200.0 by default (the same as the fix applied in the Season 9.1 Genesis update). This function has also been slightly optimized by removing duplicate operations that were performed in the original function. A second fix has been applied to 'CInput::JoyStickApplyMovement' that was also found changed in the Season 9.1 Genesis executable. In that function, an extraneous clamp was performed on the frame time, causing viewstick problems when usercmds get dropped in CL_Move.
2023-06-03 21:20:23 +02:00
Kawe Mazidjatari
b567d8d74f Add 'CHLClient::CreateMove' to SDK
2023-06-03 18:21:13 +02:00
Kawe Mazidjatari
58f8bae127 Add CNetChan methods to SDK
Added 'CNetChan::CanPacket' and 'CNetChan::SendDatagram'.
2023-06-03 18:19:28 +02:00
Kawe Mazidjatari
693b378618 Remove left over function declaration
This function no longer exists.
2023-06-03 18:11:59 +02:00
Kawe Mazidjatari
cf3688a164 Add 'host_initialized' to SDK
Should have been part of commit '19df5a18'.
2023-06-03 18:11:20 +02:00
Kawe Mazidjatari
3d18be9ebb Add splitscreen types to SDK
R5 'MAX_SPLITSCREEN_CLIENTS' appears to be max 1.
2023-06-03 18:10:32 +02:00
Kawe Mazidjatari
3d80049ad4 Fix incorrect padding in CFrameSnapshot
'CFrameSnapshot::m_TickUpdate::m_nCommandTick' was at 0x44, the shifting was fixed by removing the extraneous padding.
2023-06-03 18:08:16 +02:00
Kawe Mazidjatari
cef62d7f4d Properly implement 'CClientState::IsPaused()'
Should check if host is initialized, and if the VGui system is paused as well. Also added 'CClientState::GetFrameTime()'.
2023-06-03 18:06:35 +02:00
Kawe Mazidjatari
19df5a188b Add 'CEngineVGui::ShouldPause()' virtual method
2023-06-03 18:05:09 +02:00
Kawe Mazidjatari
63ca5d9d98 Make small bitbuf methods inline
Make inline to boost performance.
2023-06-03 18:04:38 +02:00
Kawe Mazidjatari
f30ee91d4e Add CLC_ClientTick netmessage to SDK
2023-06-03 18:03:14 +02:00
Kawe Mazidjatari
e891d74656 Fix cURL error logging for dedicated
Since this file no longer gets built along with the DLL project, but as a static lib instead, the 'DEDICATED' define no longer worked, and therefore this became broken after the CMake port. The 'CURLHandleError' helper function now takes a bool determining whether or not to log the error, and the caller disables it for dedicated (dedicated should only log the error once; this happens from within the caller class).
2023-06-02 00:05:23 +02:00