Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork654
Comments
Fix API crash when passing invalid monster type to FamilyFromType#5631
Open
aidanvalero wants to merge 1 commit intocuberite:experimentalfrom
Open
Fix API crash when passing invalid monster type to FamilyFromType#5631aidanvalero wants to merge 1 commit intocuberite:experimentalfrom
aidanvalero wants to merge 1 commit intocuberite:experimentalfrom
Conversation
…berite#5442)Prevents server crash when Lua plugins pass invalid entity types (e.g., -1)to cMonster:FamilyFromType(). Previously, invalid types would fall throughthe switch statement to UNREACHABLE() macro, causing a crash.Root Cause:- FamilyFromType() had no validation for invalid entity types- Switch statement didn't handle out-of-range or negative values- Lua API allows passing any integer, including invalid values- UNREACHABLE() macro at end of switch triggers assertion/crashFix:- Added validation check at function start- Returns mfNoSpawn for invalid entity types (etInvalid or negative values)- Prevents crash while maintaining expected behaviorTesting:- Normal mob types still work correctly- Invalid types (-1, out-of-range) return mfNoSpawn instead of crashing- Lua API fuzzing no longer triggers crashFixescuberite#5442
3e769ea toe5bd44eCompare This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Labels
None yet
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixed server crash when Lua plugins pass invalid entity types to
cMonster:FamilyFromType(). Previously, calling this with invalid values like-1would crash the server.Root Cause
FamilyFromType()had no input validation for entity typesUNREACHABLE()macro which triggers crashSecurity Impact
Before: Malicious plugins could crash the server with
cMonster:FamilyFromType(-1)After: Invalid types return
mfNoSpawngracefullyChanges
Monster.cpp: Added validation check at start ofFamilyFromType()mfNoSpawnforetInvalidor negative entity typesTesting
mfNoSpawninstead of crashing ✓Fixes#5442