Complete.Org: Mailing Lists: Archives: freeciv-dev: October 2002:
[Freeciv-Dev] [PATCH] Handling of server GEN_STRING option changes (PR#6
Home

[Freeciv-Dev] [PATCH] Handling of server GEN_STRING option changes (PR#6

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: freeciv-dev@xxxxxxxxxxx
Cc: bugs@xxxxxxxxxxxxxxxxxxx
Subject: [Freeciv-Dev] [PATCH] Handling of server GEN_STRING option changes (PR#624)
From: jdorje@xxxxxxxxxxxxxxxxxxxxx
Date: Tue, 1 Oct 2002 23:47:53 -0700 (PDT)

I recently ran across PR#624.  This one is very old.

From Thue's original bug entry: "When setting fx the option "demography" the server will accept any input. The server should check the input when recieving string settings. Try looking at the variable func_change in server/stdinhand.c:struct settings_s".

This patch addresses the issue for the allowconnect and demography strings. It does not check the savename (but it appears the server will not accept any dangerous characters anyway, so this is safe).

jason
Index: server/report.c
===================================================================
RCS file: /home/freeciv/CVS/freeciv/server/report.c,v
retrieving revision 1.32
diff -u -r1.32 report.c
--- server/report.c     2002/09/02 02:19:54     1.32
+++ server/report.c     2002/10/02 06:44:20
@@ -504,6 +504,53 @@
 }
 
 /*************************************************************************
+  Verify that a given demography string is valid.  See
+  game.demography.
+*************************************************************************/
+bool is_valid_demography(const char *demography, char **error_string)
+{
+  int len = strlen(demography), i;
+
+  /* We check each character individually to see if it's valid.  This
+   * does not check for duplicate entries. */
+  for (i = 0; i < len; i++) {
+    bool found = FALSE;
+    int j;
+
+    /* See if the character is a valid column label. */
+    for (j = 0; j < ARRAY_SIZE(coltable); j++) {
+      if (demography[i] == coltable[j].key) {
+       found = TRUE;
+       break;
+      }
+    }
+
+    if (found) {
+      continue;
+    }
+
+    /* See if the character is a valid row label. */
+    for (j = 0; j < ARRAY_SIZE(rowtable); j++) {
+      if (demography[i] == rowtable[j].key) {
+       found = TRUE;
+       break;
+      }
+    }
+
+    if (!found) {
+      /* The character is invalid. */
+      *error_string = _("Demography string contains invalid characters. "
+                       "Try \"help demography\".");
+      return FALSE;
+    }
+  }
+
+  /* Looks like all characters were valid. */
+  *error_string = NULL;
+  return TRUE;
+}
+
+/*************************************************************************
   Send demographics report; what gets reported depends on value of
   demographics server option.  
 *************************************************************************/
Index: server/report.h
===================================================================
RCS file: /home/freeciv/CVS/freeciv/server/report.h,v
retrieving revision 1.3
diff -u -r1.3 report.h
--- server/report.h     2002/04/12 13:50:58     1.3
+++ server/report.h     2002/10/02 06:44:20
@@ -26,6 +26,7 @@
 void make_history_report(void);
 void report_wonders_of_the_world(struct conn_list *dest);
 void report_top_five_cities(struct conn_list *dest);
+bool is_valid_demography(const char *demographics, char **error_message);
 void report_demographics(struct connection *pconn);
 void report_scores(bool final);
 
Index: server/stdinhand.c
===================================================================
RCS file: /home/freeciv/CVS/freeciv/server/stdinhand.c,v
retrieving revision 1.250
diff -u -r1.250 stdinhand.c
--- server/stdinhand.c  2002/09/28 01:36:24     1.250
+++ server/stdinhand.c  2002/10/02 06:44:22
@@ -155,7 +155,7 @@
   /*** string part ***/
   char *string_value;
   char *string_default_value;
-  bool (*string_validate)(char *, char **);
+  bool (*string_validate)(const char *, char **);
   size_t string_value_size;    /* max size we can write into string_value */
 };
 
@@ -165,6 +165,8 @@
 static bool valid_notradesize(int value, char **reject_message);
 static bool valid_fulltradesize(int value, char **reject_message);
 static bool autotoggle(bool value, char **reject_message);
+static bool is_valid_allowconnect(const char *allow_connect,
+                                 char **error_string);
 
 static bool valid_max_players(int v, char **r_m)
 {
@@ -677,7 +679,7 @@
                "   - = Single observer only, no controllers;\n"
                "   (none) = Single controller only.\n"
                "Multiple connections and observer connections are "
-               "currently EXPERIMENTAL."), NULL,
+               "currently EXPERIMENTAL."), is_valid_allowconnect,
             GAME_DEFAULT_ALLOW_CONNECT)
 
   GEN_BOOL("autotoggle", game.auto_ai_toggle, SSET_META, SSET_TO_CLIENT,
@@ -762,7 +764,8 @@
                "or not certain columns are displayed in the report:\n"
                "    q = display \"quantity\" column    r = display \"rank\" 
column\n"
                "    b = display \"best nation\" column\n"
-               "(The order of these characters is not significant, but their 
case is.)"), NULL,
+               "(The order of these characters is not significant, but their 
case is.)"),
+            is_valid_demography,
             GAME_DEFAULT_DEMOGRAPHY)
 
   GEN_INT("saveturns", game.save_nturns, SSET_META, SSET_SERVER_ONLY,
@@ -3669,6 +3672,50 @@
   } players_iterate_end;
 
   reject_message = NULL; /* we should modify this, but since we cannot fail... 
*/
+  return TRUE;
+}
+
+/*************************************************************************
+  Verify that a given allowconnect string is valid.  See
+  game.allow_connect.
+*************************************************************************/
+static bool is_valid_allowconnect(const char *allow_connect,
+                                 char **error_string)
+{
+  int len = strlen(allow_connect), i;
+  bool havecharacter_state = FALSE;
+
+  /* We check each character individually to see if it's valid.  This
+   * does not check for duplicate entries.
+   *
+   * We also track the state of the machine.  havecharacter_state is
+   * true if the preceeding character was a primary label, e.g.
+   * NHhAadb.  It is false if the preceeding character was a modifier
+   * or if this is the first character. */
+
+  for (i = 0; i < len; i++) {
+    /* Check to see if the character is a primary label. */
+    if (strchr("NHhAadb", allow_connect[i])) {
+      havecharacter_state = TRUE;
+      continue;
+    }
+
+    /* If we've already passed a primary label, check to see if the
+     * character is a modifier. */
+    if (havecharacter_state
+       && strchr("*+=-", allow_connect[i])) {
+      havecharacter_state = FALSE;
+      continue;
+    }
+
+    /* Looks like the character was invalid. */
+    *error_string = _("Allowed connections string contains invalid\n"
+                     "characters.  Try \"help allowconnect\".");
+    return FALSE;
+  }
+
+  /* All characters were valid. */
+  *error_string = NULL;
   return TRUE;
 }
 

[Prev in Thread] Current Thread [Next in Thread]