From fca5a01145f78a4ae517da6c19ee61ab54574e82 Mon Sep 17 00:00:00 2001 From: Tiger Wang Date: Fri, 29 Aug 2014 13:41:50 +0100 Subject: Improved command block security --- src/BlockEntities/CommandBlockEntity.cpp | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) (limited to 'src/BlockEntities/CommandBlockEntity.cpp') diff --git a/src/BlockEntities/CommandBlockEntity.cpp b/src/BlockEntities/CommandBlockEntity.cpp index 45f8a3e4d..fe2f5e60a 100644 --- a/src/BlockEntities/CommandBlockEntity.cpp +++ b/src/BlockEntities/CommandBlockEntity.cpp @@ -13,6 +13,7 @@ #include "../Root.h" #include "../Server.h" // ExecuteConsoleCommand() #include "../Chunk.h" +#include "../ChatColor.h" @@ -206,15 +207,27 @@ void cCommandBlockEntity::Execute() virtual void Out(const AString & a_Text) { // Overwrite field - m_CmdBlock->SetLastOutput(a_Text); + m_CmdBlock->SetLastOutput(cClientHandle::FormatChatPrefix(m_CmdBlock->GetWorld()->ShouldUseChatPrefixes(), "SUCCESS", cChatColor::Green, cChatColor::White) + a_Text); } } CmdBlockOutCb(this); - LOGD("cCommandBlockEntity: Executing command %s", m_Command.c_str()); - - cServer * Server = cRoot::Get()->GetServer(); - - Server->ExecuteConsoleCommand(m_Command, CmdBlockOutCb); + if ( // Administrator commands are not executable by command blocks + (m_Command != "stop") && + (m_Command != "restart") && + (m_Command != "kick") && + (m_Command != "ban") && + (m_Command != "ipban") + ) + { + cServer * Server = cRoot::Get()->GetServer(); + LOGD("cCommandBlockEntity: Executing command %s", m_Command.c_str()); + Server->ExecuteConsoleCommand(m_Command, CmdBlockOutCb); + } + else + { + SetLastOutput(cClientHandle::FormatChatPrefix(GetWorld()->ShouldUseChatPrefixes(), "FAILURE", cChatColor::Rose, cChatColor::White) + "Adminstration commands can not be executed"); + LOGD("cCommandBlockEntity: Prevented execution of administration command %s", m_Command.c_str()); + } // TODO 2014-01-18 xdot: Update the signal strength. m_Result = 0; -- cgit v1.2.3 From db663c7ee1737f5e03c0bce6584933123b9d58e3 Mon Sep 17 00:00:00 2001 From: madmaxoft Date: Sat, 30 Aug 2014 22:24:04 +0200 Subject: Fixed style. --- src/BlockEntities/CommandBlockEntity.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/BlockEntities/CommandBlockEntity.cpp') diff --git a/src/BlockEntities/CommandBlockEntity.cpp b/src/BlockEntities/CommandBlockEntity.cpp index fe2f5e60a..dd0858378 100644 --- a/src/BlockEntities/CommandBlockEntity.cpp +++ b/src/BlockEntities/CommandBlockEntity.cpp @@ -211,13 +211,14 @@ void cCommandBlockEntity::Execute() } } CmdBlockOutCb(this); - if ( // Administrator commands are not executable by command blocks + // Administrator commands are not executable by command blocks: + if ( (m_Command != "stop") && (m_Command != "restart") && (m_Command != "kick") && (m_Command != "ban") && (m_Command != "ipban") - ) + ) { cServer * Server = cRoot::Get()->GetServer(); LOGD("cCommandBlockEntity: Executing command %s", m_Command.c_str()); -- cgit v1.2.3 From 361b7d5379faf59140befa9d3a6c88fcad75535b Mon Sep 17 00:00:00 2001 From: worktycho Date: Sun, 31 Aug 2014 21:14:42 +0100 Subject: Changed null check to assert Changed the null check to clarify that the function should not be called before the entity has been attached to a world. --- src/BlockEntities/CommandBlockEntity.cpp | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'src/BlockEntities/CommandBlockEntity.cpp') diff --git a/src/BlockEntities/CommandBlockEntity.cpp b/src/BlockEntities/CommandBlockEntity.cpp index dd0858378..43cdb92fb 100644 --- a/src/BlockEntities/CommandBlockEntity.cpp +++ b/src/BlockEntities/CommandBlockEntity.cpp @@ -188,12 +188,10 @@ void cCommandBlockEntity::SaveToJson(Json::Value & a_Value) void cCommandBlockEntity::Execute() { - if (m_World != NULL) + ASSERT(m_World != NULL); //Execute should not be called before the command block is attached to a world + if (!m_World->AreCommandBlocksEnabled()) { - if (!m_World->AreCommandBlocksEnabled()) - { - return; - } + return; } class CommandBlockOutCb : -- cgit v1.2.3 From 1e60265a909884df3c440e298d1400889c07b5fb Mon Sep 17 00:00:00 2001 From: madmaxoft Date: Mon, 1 Sep 2014 13:33:17 +0200 Subject: Fixed style. --- src/BlockEntities/CommandBlockEntity.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/BlockEntities/CommandBlockEntity.cpp') diff --git a/src/BlockEntities/CommandBlockEntity.cpp b/src/BlockEntities/CommandBlockEntity.cpp index 43cdb92fb..20702a9ac 100644 --- a/src/BlockEntities/CommandBlockEntity.cpp +++ b/src/BlockEntities/CommandBlockEntity.cpp @@ -188,7 +188,8 @@ void cCommandBlockEntity::SaveToJson(Json::Value & a_Value) void cCommandBlockEntity::Execute() { - ASSERT(m_World != NULL); //Execute should not be called before the command block is attached to a world + ASSERT(m_World != NULL); // Execute should not be called before the command block is attached to a world + if (!m_World->AreCommandBlocksEnabled()) { return; -- cgit v1.2.3 From a3f940f47c8981146feed66225c1dd8066bac0e2 Mon Sep 17 00:00:00 2001 From: Tycho Date: Fri, 26 Sep 2014 18:13:19 +0100 Subject: Removed more unessicary includes --- src/BlockEntities/CommandBlockEntity.cpp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'src/BlockEntities/CommandBlockEntity.cpp') diff --git a/src/BlockEntities/CommandBlockEntity.cpp b/src/BlockEntities/CommandBlockEntity.cpp index 20702a9ac..318874a9b 100644 --- a/src/BlockEntities/CommandBlockEntity.cpp +++ b/src/BlockEntities/CommandBlockEntity.cpp @@ -4,16 +4,14 @@ // Implements the cCommandBlockEntity class representing a single command block in the world #include "Globals.h" // NOTE: MSVC stupidness requires this to be the same across all modules -#include "json/json.h" #include "CommandBlockEntity.h" -#include "../Entities/Player.h" -#include "../WorldStorage/FastNBT.h" #include "../CommandOutput.h" #include "../Root.h" #include "../Server.h" // ExecuteConsoleCommand() -#include "../Chunk.h" #include "../ChatColor.h" +#include "../World.h" +#include "../ClientHandle.h" -- cgit v1.2.3 From 9e4a5f824ae88e3a19de6a14db91b43c1759e29e Mon Sep 17 00:00:00 2001 From: Tiger Wang Date: Tue, 30 Sep 2014 22:20:21 +0100 Subject: Removed WSSCompact --- src/BlockEntities/CommandBlockEntity.cpp | 32 -------------------------------- 1 file changed, 32 deletions(-) (limited to 'src/BlockEntities/CommandBlockEntity.cpp') diff --git a/src/BlockEntities/CommandBlockEntity.cpp b/src/BlockEntities/CommandBlockEntity.cpp index 318874a9b..1a5a3f01e 100644 --- a/src/BlockEntities/CommandBlockEntity.cpp +++ b/src/BlockEntities/CommandBlockEntity.cpp @@ -152,38 +152,6 @@ void cCommandBlockEntity::SendTo(cClientHandle & a_Client) -bool cCommandBlockEntity::LoadFromJson(const Json::Value & a_Value) -{ - m_PosX = a_Value.get("x", 0).asInt(); - m_PosY = a_Value.get("y", 0).asInt(); - m_PosZ = a_Value.get("z", 0).asInt(); - - m_Command = a_Value.get("Command", "").asString(); - m_LastOutput = a_Value.get("LastOutput", "").asString(); - m_Result = (NIBBLETYPE)a_Value.get("SuccessCount", 0).asInt(); - - return true; -} - - - - - -void cCommandBlockEntity::SaveToJson(Json::Value & a_Value) -{ - a_Value["x"] = m_PosX; - a_Value["y"] = m_PosY; - a_Value["z"] = m_PosZ; - - a_Value["Command"] = m_Command; - a_Value["LastOutput"] = m_LastOutput; - a_Value["SuccessCount"] = m_Result; -} - - - - - void cCommandBlockEntity::Execute() { ASSERT(m_World != NULL); // Execute should not be called before the command block is attached to a world -- cgit v1.2.3