--- deliantra/server/common/utils.C 2008/12/28 06:59:26 1.83
+++ deliantra/server/common/utils.C 2009/10/15 21:09:32 1.90
@@ -5,18 +5,19 @@
* Copyright (©) 2002,2007 Mark Wedel & Crossfire Development Team
* Copyright (©) 1992,2007 Frank Tore Johansen
*
- * Deliantra is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
+ * Deliantra is free software: you can redistribute it and/or modify it under
+ * the terms of the Affero GNU General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
+ * You should have received a copy of the Affero GNU General Public License
+ * and the GNU General Public License along with this program. If not, see
+ * .
*
* The authors can be reached via e-mail to
*/
@@ -34,6 +35,7 @@
#include
#include
+#include
#include
#include
@@ -53,7 +55,7 @@
state [3] = state [2] * 69069U; if (state [0] < 128U) state [0] += 128U;
for (int i = 11; --i; )
- operator ()();
+ next ();
}
uint32_t
@@ -67,19 +69,24 @@
return state [0] ^ state [1] ^ state [2] ^ state [3];
}
+template
uint32_t
-tausworthe_random_generator::get_range (uint32_t num)
+random_number_generator::get_range (uint32_t num)
{
- return (next () * (uint64_t)num) >> 32U;
+ return (this->next () * (uint64_t)num) >> 32U;
}
// return a number within (min .. max)
+template
int
-tausworthe_random_generator::get_range (int r_min, int r_max)
+random_number_generator::get_range (int r_min, int r_max)
{
return r_min + get_range (max (r_max - r_min + 1, 0));
}
+template struct random_number_generator;
+template struct random_number_generator;
+
/*
* The random functions here take luck into account when rolling random
* dice or numbers. This function has less of an impact the larger the
@@ -223,7 +230,7 @@
if (!op->materialname)
return;
- if (change->materialname && strcmp (op->materialname, change->materialname))
+ if (op->materialname != change->materialname)
return;
if (!op->is_armor ())
@@ -444,6 +451,28 @@
return;
}
+/******************************************************************************/
+
+/* Checks a player-provided string which will become the msg property of
+ * an object for dangerous input.
+ */
+bool
+msg_is_safe (const char *msg)
+{
+ bool safe = true;
+
+ /* Trying to cheat by getting data into the object */
+ if (!strncmp (msg, "endmsg", sizeof ("endmsg") - 1)
+ || strstr (msg, "\nendmsg"))
+ safe = false;
+
+ /* Trying to make the object talk, and potentially access arbitrary code */
+ if (object::msg_has_dialogue (msg))
+ safe = false;
+
+ return safe;
+}
+
/////////////////////////////////////////////////////////////////////////////
void
@@ -556,40 +585,49 @@
/******************************************************************************/
-void assign (char *dst, const char *src, int maxlen)
+int
+assign (char *dst, const char *src, int maxsize)
{
if (!src)
src = "";
int len = strlen (src);
- if (len >= maxlen - 1)
+ if (len >= maxsize)
{
- if (maxlen <= 4)
+ if (maxsize <= 4)
{
- memset (dst, '.', maxlen - 1);
- dst [maxlen - 1] = 0;
+ memset (dst, '.', maxsize - 2);
+ dst [maxsize - 1] = 0;
}
else
{
- memcpy (dst, src, maxlen - 4);
- memcpy (dst + maxlen - 4, "...", 4);
+ memcpy (dst, src, maxsize - 4);
+ memcpy (dst + maxsize - 4, "...", 4);
}
+
+ len = maxsize;
}
else
- memcpy (dst, src, len + 1);
+ memcpy (dst, src, ++len);
+
+ return len;
}
-const char *
-format (const char *format, ...)
+char *
+vformat (const char *format, va_list ap)
{
- static dynbuf_text buf;
-
- buf.clear ();
+ static dynbuf_text buf; buf.clear ();
+ buf.vprintf (format, ap);
+ return buf;
+}
+char *
+format (const char *format, ...)
+{
va_list ap;
va_start (ap, format);
- buf.vprintf (format, ap);
+ char *buf = vformat (format, ap);
va_end (ap);
return buf;