remove ClientCommandKeyValues

BobTheBob 2022-03-22 19:46:13 +00:00
parent 92f77b231a
commit 2cb92fc902
2 changed files with 19 additions and 0 deletions


@ -21,4 +21,17 @@ void InitialiseMiscServerFixes(HMODULE baseAddress)
*(ptr++) = 0x90; // nop
*ptr = 0x90; // nop
}
// ret at the start of CServerGameClients::ClientCommandKeyValues as it has no benefit and is forwarded to client (i.e. security issue)
// this prevents the attack vector of client=>server=>client, however server=>client also has clientside patches
{
char* ptr = reinterpret_cast<char*>(baseAddress) + 0x153920;
TempReadWrite rw(ptr);
*ptr = 0xC3;
}
}
void InitialiseMiscEngineServerFixes(HMODULE baseAddress)
{
}
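Review bot: The `*ptr = 0xC3;` write at `baseAddress + 0x153920` is unconditional, so nothing confirms that the offset still points at the entry of CServerGameClients::ClientCommandKeyValues in the loaded module. On a different server build the patch would put a `ret` into unrelated code and, more importantly, leave the client=>server=>client forwarding path open with no indication. I would check the byte first and log on mismatch, e.g. `if (*ptr != EXPECTED_PROLOGUE_BYTE) { /* log, skip patch */ }`, where `EXPECTED_PROLOGUE_BYTE` is a placeholder for the value taken from the supported build. As a smaller point, `0xC3` does not fit a signed `char`; `static_cast<char>(0xC3)` or a `uint8_t*` makes the conversion explicit. InitialiseMiscServerFixes begins above this hunk.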


@ -16,12 +16,18 @@ bool IsValveModHook()
return !CommandLine()->CheckParm("-norestrictservercommands");
}
typedef bool (*SVC_CmdKeyValues__ReadFromBufferType)(void* a1, void* a2);
SVC_CmdKeyValues__ReadFromBufferType SVC_CmdKeyValues__ReadFromBuffer;
// never parse server=>client keyvalues for clientcommandkeyvalues
bool SVC_CmdKeyValues__ReadFromBufferHook(void* a1, void* a2) { return false; }
void InitialiseClientEngineSecurityPatches(HMODULE baseAddress)
{
HookEnabler hook;
// note: this could break some things
ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x1C6360, &IsValveModHook, reinterpret_cast<LPVOID*>(&IsValveMod));
ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x222E70, &SVC_CmdKeyValues__ReadFromBufferHook, reinterpret_cast<LPVOID*>(&SVC_CmdKeyValues__ReadFromBuffer));
// patches to make commands run from client/ui script still work
// note: this is likely preventable in a nicer way? test prolly
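Review bot: `SVC_CmdKeyValues__ReadFromBufferHook` returns `false` without consuming anything from `a2`, and the comment does not say what the engine does when a message's ReadFromBuffer fails. If the caller abandons the packet or the connection, that is a reasonable fail-closed result, but it is worth stating; if it carries on, the unread payload would presumably be parsed as the following message. I would extend the comment to something like `// returning false marks the message as unparseable; payload is deliberately left unread - confirm the caller stops processing the packet`. The result of the new `ENABLER_CREATEHOOK` at `0x222E70` is also not visibly checked here, so a failed hook would silently leave server=>client keyvalues parsing enabled; InitialiseClientEngineSecurityPatches continues past the end of the hunk, and the macro may handle this internally.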