This Trac instance is not used for development anymore!

We migrated our development workflow to git and Gitea.
To test the future redirection, replace trac by ariadne in the page URL.

Changeset 21827 for ps


Ignore:
Timestamp:
05/27/18 15:47:18 (7 years ago)
Author:
elexis
Message:

Prevent the lobby gamelist from breaking entirely if a gamestanza contains an empty or invalid mod version JSON string (refs rP21301).

Catch all JSON SyntaxError exceptions in JS (refs rP18534).
The C++ ParseJSON function already catches exceptions and the resulting errors can't trigger a denial of service.

Differential Revision: https://code.wildfiregames.com/D1479
Based on patch by: Imarok
Reviewed by: Imarok
Comments By: Itms

Location:
ps/trunk/binaries/data/mods/public/gui
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • ps/trunk/binaries/data/mods/public/gui/common/functions_utility.js

    r21754 r21827  
    8888function stringifiedTeamListToPlayerData(stringifiedTeamList)
    8989{
    90     let teamList = JSON.parse(unescapeText(stringifiedTeamList));
     90    let teamList = {};
     91    try
     92    {
     93        teamList = JSON.parse(unescapeText(stringifiedTeamList));
     94    }
     95    catch (e) {}
     96
    9197    let playerData = [];
    9298
     
    172178    Engine.GetGUIObjectByName("chatText").caption = "";
    173179
    174     try {
     180    try
     181    {
    175182        for (let timer of g_ChatTimers)
    176183            clearTimeout(timer);
    177184        g_ChatTimers.length = 0;
    178     } catch (e) {
    179     }
     185    }
     186    catch (e) {}
    180187}
    181188

  • ps/trunk/binaries/data/mods/public/gui/lobby/lobby.js

    r21761 r21827  
    10181018                g_DefaultLobbyRating;
    10191019
    1020         if (!hasSameMods(JSON.parse(game.mods), Engine.GetEngineInfo().mods))
     1020        try
     1021        {
     1022            game.mods = JSON.parse(game.mods);
     1023        }
     1024        catch (e)
     1025        {
     1026            game.mods = [];
     1027        }
     1028
     1029        if (!hasSameMods(game.mods, Engine.GetEngineInfo().mods))
    10211030            game.state = "incompatible";
    10221031
     
    11791188            400, 200,
    11801189            translate("Your active mods do not match the mods of this game.") + "\n\n" +
    1181                 comparedModsString(JSON.parse(game.mods), Engine.GetEngineInfo().mods) + "\n\n" +
     1190                comparedModsString(game.mods, Engine.GetEngineInfo().mods) + "\n\n" +
    11821191                translate("Do you want to switch to the mod selection page?"),
    11831192            translate("Incompatible mods"),
Note: See TracChangeset for help on using the changeset viewer.