1. 26 Jan, 2019 5 commits
  2. 25 Jan, 2019 1 commit
    • Paramat's avatar
      blitToVManip: Check out-of-bounds using node position not index (#8127) · 922e6ff5
      Paramat authored
      Previously, when using 'place on vmanip' to add a schematic to a
      lua voxelmanip, if part of the schematic was outside the voxelmanip
      volume, the outside part would often appear in a strange place
      elsewhere inside the voxelmanip instead of being trimmed off.
      This was due to the out-of-bounds check checking the index.
      
      A position outside the voxelmanip can have an index that satisfies
      '0 <= index <= voxelmanip volume', causing the node to be placed
      at a strange position inside the voxelmanip.
      
      Use 'vm->m_area.contains(pos)' instead.
      Move index calculation to later in the code to optimise.
      922e6ff5
  3. 22 Jan, 2019 1 commit
    • Paramat's avatar
      Fix warnings about dungeongen.cpp memcpy() and unused variable in... · bc1e5476
      Paramat authored
      Fix warnings about dungeongen.cpp memcpy() and unused variable in MapBlock::deSerializeNetworkSpecific() (#8122)
      
      * Fix warning about dungeongen.cpp memcpy()
      
      * Fix unused variable in MapBlock::deSerializeNetworkSpecific()
      
      * Fix unused variable a simpler way
      bc1e5476
  4. 21 Jan, 2019 1 commit
    • Jozef Behran's avatar
      Fix randomly rejected form field submits (#8091) · 33afe1fb
      Jozef Behran authored
      If a formspec is submitted from a form fields handling
      callback of another form (or "formspec shown from another
      formspec"), the fields submitted for it can get
      rejected by the form exploit mitigation subsystem with a
      message like "'zorman2000' submitted formspec
      ('formspec_error:form2') but server hasn't sent formspec to
      client, possible exploitation attempt" being sent to logs.
      This was already reported as #7374 and a change was made
      that fixed the simple testcase included with that bug
      report but the bug still kept lurking around and popping
      out in more complicated scenarios like the advtrains TSS
      route programming UI.
      
      Deep investigation of the problem revealed that this
      sequence of events is entirely possible and leads to the
      bug:
      
        1. Server: show form1
        2. Client *shows form1*
        3. Client: submits form1
        4. Server: show form2
        5. Client: says form1 closed
        6. Client *shows form2*
        7. Client: submits form2
      
      What happens inside the code is that when the server in
      step 4 sends form2, the registry of opened forms is
      updated to reflect the fact that form2 is now the valid
      form for the client to submit. Then when in step 5 client
      says "form1 was closed", the exploit mitigation subsystem
      code deletes the registry entry for the client without
      bothering to check whether the form client says was
      closed just now is indeed the form that is recorded in
      that entry as the valid form. Then later, in step 7 the
      client tries to submit its valid form fields, these will
      be rejected because the entry is missing.
      
      It turns out the procedure where the broken code resides
      already gets the form name so a simple "if" around the
      offending piece of code fixes the whole thing. And
      advtrains TSS agrees with that.
      33afe1fb
  5. 20 Jan, 2019 1 commit
  6. 19 Jan, 2019 3 commits
  7. 18 Jan, 2019 1 commit
  8. 16 Jan, 2019 1 commit
  9. 13 Jan, 2019 2 commits
    • SmallJoker's avatar
      world.mt: Only accept true/false/nil values (#8055) · ed1415f7
      SmallJoker authored
      This patch will make distinguishable mods in modpacks possible in the future
      `nil` checks are required to provide backwards-compatibility for fresh configured worlds
      ed1415f7
    • Jozef Behran's avatar
      Speed up the craft definition handling (#8097) · a51909bb
      Jozef Behran authored
      The craft definition handling code that collects the names of
      the craftable nodes suffers from vector reallocation
      performance hits, slowing down instances with lots of
      crafting recipes (VanessaE's DreamBuilder and most public
      server some to my mind when thinking about this). As in each
      instance the size of the resulting vector is already known,
      add a reserve() call before the offending loops to allocate
      the needed chunk of memory within the result vector in one
      go, getting rid of the overhead.
      a51909bb
  10. 12 Jan, 2019 2 commits
    • Jozef Behran's avatar
      Optimize path finalization in pathfinder (#8100) · 5a00b118
      Jozef Behran authored
      The pathfinder needs quite a bunch of items to add to the
      resulting list. It turns out the amount of the space needed
      for the finalized path is known in advance so preallocate it
      to avoid a burst of reallocation calls each time something
      needs to look for a path.
      5a00b118
    • Jozef Behran's avatar
      Fix fake LINT check success (#8092) · 03cc93f4
      Jozef Behran authored
      The code 'if [ -z ${something} ]; then ... fi' means "if
      ${something} is an empty string, yell at the command line
      about 'binary operator expected' and ignore the body of the
      if statement, if ${something} is not an empty string,
      the condition is false so ignore the body of the if
      statement" which clearly isn't what the author wanted. Fix
      it by adding a few quotes around the offending ${something}.
      03cc93f4
  11. 10 Jan, 2019 1 commit
  12. 09 Jan, 2019 4 commits
  13. 07 Jan, 2019 1 commit
    • Loïc Blot's avatar
      Fix a crash on Android with Align2Npot2 (#8070) · 95d4ff6d
      Loïc Blot authored
      * Fix a crash on Android with Align2Npot2
      
      glGetString can be NULL. If stored in a string it triggers a SIGSEGV.
      Instead do a basic strstr and verify the pointer
      * Better Align2Npot2 check (+ performance)
      95d4ff6d
  14. 06 Jan, 2019 7 commits
  15. 04 Jan, 2019 6 commits
  16. 03 Jan, 2019 3 commits
    • sofar's avatar
      Remove remote media compatibility mode. (#8044) · cf224c9d
      sofar authored
      The fallback code shouldn't be needed and is a remnant of the GET
      method that old media servers use. Clients using it are likely
      to just waste bandwidth and having to download the media again
      through the normal transfer from server method. The most reliable
      method is to get all missing textures therefore from the server
      directly and not spam the remote media server with 404s.
      cf224c9d
    • SmallJoker's avatar
      Proselytize the network. Use IEEE F32 (#8030) · bba4563d
      SmallJoker authored
      * Proselytize the network. Use IEEE F32
      * Remove unused V2F1000 functions
      bba4563d
    • Paramat's avatar
      CSM restrictions: Make 'LOAD_CLIENT_MODS' disable loading of 'builtin' (#8000) · ceacff13
      Paramat authored
      Previously, when the CSM restriction 'LOAD_CLIENT_MODS' was used a
      client was still able to add CSM code to 'builtin' to bypass that
      restriction, because 'builtin' is not yet verified.
      
      Until server-sent CSM and verifying of 'builtin' are complete, make
      'LOAD_CLIENT_MODS' disable the loading of builtin.
      
      Clarify code comments and messages to distinguish between client-side
      modding and client-side scripting. 'Scripting' includes 'builtin',
      'modding' does not.
      ceacff13