mirror of
https://github.com/Mauler125/r5sdk.git
synced 2025-02-09 19:15:03 +01:00
35 lines
1.1 KiB
C++
35 lines
1.1 KiB
C++
//====== Copyright <20> 1996-2005, Valve Corporation, All rights reserved. =======//
|
||
//
|
||
// Purpose: Parsing of entity network packets.
|
||
//
|
||
// $NoKeywords: $
|
||
//=============================================================================//
|
||
#include "core/stdafx.h"
|
||
#include "public/const.h"
|
||
#include "engine/client/cl_ents_parse.h"
|
||
|
||
bool CL_CopyExistingEntity(__int64 a1, unsigned int* a2, char* a3)
|
||
{
|
||
int nNewEntity = *reinterpret_cast<int*>(a1 + 40);
|
||
if (nNewEntity >= MAX_EDICTS || nNewEntity < NULL)
|
||
{
|
||
// Value isn't sanitized in release builds for
|
||
// every game powered by the Source Engine 1
|
||
// causing read/write outside of array bounds.
|
||
// This defect has let to the achievement of a
|
||
// full-chain RCE exploit. We hook and perform
|
||
// sanity checks for the value of m_nNewEntity
|
||
// here to prevent this behavior from happening.
|
||
return false;
|
||
}
|
||
return v_CL_CopyExistingEntity(a1, a2, a3);
|
||
}
|
||
|
||
void CL_Ents_Parse_Attach()
|
||
{
|
||
DetourAttach((LPVOID*)&v_CL_CopyExistingEntity, &CL_CopyExistingEntity);
|
||
}
|
||
void CL_Ents_Parse_Detach()
|
||
{
|
||
DetourDetach((LPVOID*)&v_CL_CopyExistingEntity, &CL_CopyExistingEntity);
|
||
} |