shithub: choc

Info  •  Files  •  Log  •  Branches

net: Get rid of NET_SafePuts().

Instead what's almost always wanted is to read a "safe" string that
cannot contain any control codes. So introduce NET_ReadSafeString()
instead as a wrapper around NET_ReadString() that does this.

--- a/src/net_client.c

+++ b/src/net_client.c

@@ -433,7 +433,7 @@

     net_protocol_t protocol;

     char *server_version;

-    server_version = NET_ReadString(packet);

+    server_version = NET_ReadSafeString(packet);

     if (server_version == NULL)

     {

         return;

@@ -830,7 +830,7 @@

 {

     char *msg;

-    msg = NET_ReadString(packet);

+    msg = NET_ReadSafeString(packet);

     if (msg == NULL)

     {

@@ -837,9 +837,7 @@

         return;

     }

-    printf("Message from server: ");

-

-    NET_SafePuts(msg);

+    printf("Message from server:\n%s\n", msg);

 }

 // parse a received packet

--- a/src/net_common.c

+++ b/src/net_common.c

@@ -132,7 +132,7 @@

 {

     char *msg;

-    msg = NET_ReadString(packet);

+    msg = NET_ReadSafeString(packet);

     if (msg == NULL)

     {

@@ -146,8 +146,7 @@

         conn->state = NET_CONN_STATE_DISCONNECTED;

         conn->disconnect_reason = NET_DISCONNECT_REMOTE;

-        printf("Rejected by server: ");

-        NET_SafePuts(msg);

+        printf("Rejected by server: %s\n", msg);

     }

 }

--- a/src/net_packet.c

+++ b/src/net_packet.c

@@ -15,6 +15,7 @@

 //      Network packet manipulation (net_packet_t)

 //

+#include <ctype.h>

 #include <string.h>

 #include "m_misc.h"

 #include "net_packet.h"

@@ -200,6 +201,37 @@

     ++packet->pos;

     return start;

+}

+

+// Read a string from the packet, but (potentially) modify it to strip

+// out any unprintable characters which could be malicious control codes.

+// Note that this may modify the original packet contents.

+char *NET_ReadSafeString(net_packet_t *packet)

+{

+    char *r, *w, *result;

+

+    result = NET_ReadString(packet);

+    if (result == NULL)

+    {

+        return NULL;

+    }

+

+    // w is always <= r, so we never produce a longer string than the original.

+    w = result;

+    for (r = result; *r != '\0'; ++r)

+    {

+        // TODO: This is a very naive way of producing a safe string; only

+        // ASCII characters are allowed. Probably this should really support

+        // UTF-8 characters as well.

+        if (isprint(*r) || *r == '\n')

+        {

+            *w = *r;

+            ++w;

+        }

+    }

+    *w = '\0';

+

+    return result;

 }

 // Dynamically increases the size of a packet

--- a/src/net_packet.h

+++ b/src/net_packet.h

@@ -33,6 +33,7 @@

 boolean NET_ReadSInt32(net_packet_t *packet, signed int *data);

 char *NET_ReadString(net_packet_t *packet);

+char *NET_ReadSafeString(net_packet_t *packet);

 void NET_WriteInt8(net_packet_t *packet, unsigned int i);

 void NET_WriteInt16(net_packet_t *packet, unsigned int i);

--- a/src/net_query.c

+++ b/src/net_query.c

@@ -738,7 +738,7 @@

         printf("(game running) ");

     }

-    NET_SafePuts(data->description);

+    printf("%s\n", data->description);

 }

 void NET_LANQuery(void)

--- a/src/net_server.c

+++ b/src/net_server.c

@@ -213,7 +213,7 @@

     va_start(args, s);

     M_vsnprintf(buf, sizeof(buf), s, args);

     va_end(args);

-    

+

     for (i=0; i<MAXNETNODES; ++i)

     {

         if (ClientConnected(&clients[i]))

@@ -222,7 +222,7 @@

         }

     }

-    NET_SafePuts(buf);

+    printf("%s\n", buf);

 }

--- a/src/net_structrw.c

+++ b/src/net_structrw.c

@@ -17,7 +17,6 @@

 #include <stdio.h>

 #include <stdlib.h>

 #include <string.h>

-#include <ctype.h>

 #include "doomtype.h"

 #include "m_misc.h"

@@ -122,7 +121,7 @@

 {

     boolean result;

-    query->version = NET_ReadString(packet);

+    query->version = NET_ReadSafeString(packet);

     result = query->version != NULL

           && NET_ReadInt8(packet, (unsigned int *) &query->server_state)

@@ -133,7 +132,7 @@

     if (result)

     {

-        query->description = NET_ReadString(packet);

+        query->description = NET_ReadSafeString(packet);

         return query->description != NULL;

     }   

@@ -551,22 +550,3 @@

     NET_WriteBlob(packet, seed, sizeof(prng_seed_t));

 }

-// "Safe" version of puts, for displaying messages received from the

-// network.

-

-void NET_SafePuts(char *s)

-{

-    char *p;

-

-    // Do not do a straight "puts" of the string, as this could be

-    // dangerous (sending control codes to terminals can do all

-    // kinds of things)

-

-    for (p=s; *p; ++p)

-    {

-        if (isprint(*p) || *p == '\n')

-            putchar(*p);

-    }

-

-    putchar('\n');

-}

--- a/src/net_structrw.h

+++ b/src/net_structrw.h

@@ -43,8 +43,6 @@

 void NET_WriteWaitData(net_packet_t *packet, net_waitdata_t *data);

 boolean NET_ReadWaitData(net_packet_t *packet, net_waitdata_t *data);

-void NET_SafePuts(char *msg);

-

 boolean NET_ReadPRNGSeed(net_packet_t *packet, prng_seed_t seed);

 void NET_WritePRNGSeed(net_packet_t *packet, prng_seed_t seed);