Add strict validation for `StrToInts` function. Because this function should only be used with trusted internal strings, assertions are added to ensure that the string is not truncated. Some buffer sizes are adjusted accordingly, so truncation cannot happen.
Add less strict validation for `IntsToStr` function. An additional argument specifying the size of the output buffer is added to assert that the size of the output buffer is sufficient. However, because this function is used to decode data sent by the server and read from maps and ghosts, invalid input data should never result in crashes or invalid UTF-8 strings. The function will now unpack an empty string and return `false`, if the string contains invalid UTF-8.
The inline definition of the functions is not wanted, because it requires adding a `system.h` include in `gamecore.h`. Therefore the tools now have to depend on game-shared, which previously only worked because the functions were inline.
Tests are added to ensure the function still behaves the same as before for valid inputs and correctly handles invalid inputs.
`CNetConsole` will now ignore received lines containing invalid UTF-8 codepoints. Previously, it was possible to crash the server on Windows with Econ commands like `exec <invalid UTF-8>`.
Previously, usage of `void *`, `unsigned char *` and `uint8_t *` was mixed in various places for pointers to raw image data and the pointers ended up being cast to `uint8_t *` at some point anyway. Now only `uint8_t *` is used consistently, which improves type safety and readability. Casts to `uint8_t *` are now only necessary when using `malloc` or when reading data from a map.
Show completion options for key names for all bind commands (`bind`, `binds`, `bind_reset`) in the local console.
At the moment this only works for completing the first key name but not for composite binds that use `+`, which would work differently than other console argument completion.
Unnamed keys (starting with `&`) are not shown as completion options.
Refactor console argument completion to reduce duplicate code.
We want to change the state of the job from `STATE_QUEUED` to
`STATE_RUNNING`, but not from `STATE_ABORTED`. Previously, the code
usedd `exchange` to change the state and compared non-atomically
afterwards. This led to `STATE_ABORTED` being replaced by
`STATE_RUNNING` in a race. With `compare_exchange_strong`, this can no
longer happen.
Fixes#8044.
Fix HTTP client effectively shutting down by entering the `ERROR` state when a request cannot be added. Now only the invalid request is aborted immediately. The `ERROR` state is now only entered when a curl function fails in a way where recovery is not possible.
Fix occasional deadlock when HTTP client is shutting down after entering the `ERROR` state, by also immediately aborting new requests when the HTTP client is already in the `ERROR` state.
Remove unused `CHttp::EState::STOPPING`.
Prevent the `tune_zone` command from being shown and used in the local console, which could cause issues with prediction, by only registering it as a game setting but not as a client command. The command callback is still correctly called when map settings are loaded in the `CGameClient::LoadMapSettings` function.
Previously:
```
2024-03-03 12:17:40 I git-revision: 885ae7ecae
2024-03-03 12:17:40 I server: version 18.0.3 on linux amd64
2024-03-03 12:17:40 I server: git revision hash: 885ae7ecae
```
The color selection should only be shown for normal envelope points but not for bezier control points, because it always changes the previously selected normal envelope point. This caused the client to crash when right-clicking a bezier control point when no normal envelope point was previously selected.
Closes#8020.
When image blitting is supported by the Vulkan backend, the color picker was reading incorrect pixel values, because the offset positions for the blitting region are the positions of the top-left and bottom-right corners, but instead the top-left offset and size (width, height) were passed as arguments.
Closes#8040.
Only building the switch entities layer when the current map has a switch layer (#8011) also does not work, because the entities textures are cached for each type and not reloaded unless the entities are changed manually. First joining a server with a map that does not have a switch layer will cause the textures for the type of that server to be built without the switch entities layer, so the switch entities texture will be missing when joining a server of that type with a map that does have a switch layer.
Instead, the switch entities layer textures are always built now, so the cached entities textures are can be used on all maps of the respective server type. This is expected to slightly increase the total memory usage after joining multiple servers of different types. As before, tiles which are unused are masked unless `m_DontMaskEntities` is set.
Instead of defining the macro `WIN32_LEAN_AND_MEAN` and sometimes also the macro `_WIN32_WINNT` in each file that directly or indirectly includes `<windows.h>`, only define these macros once consistently in `CMakeLists.txt`.
Also define `NTDDI_VERSION`, which is the new macro to specify the minimum Windows version starting with Windows Vista. This macro needs to be defined in addition to old `_WIN32_WINNT` macro, according to the documentation.
See https://learn.microsoft.com/en-us/windows/win32/winprog/using-the-windows-headers
Assert on failures in all `thread_*` and `sphore_*` functions on all operating systems instead of only printing log messages on Unix, as these functions are only expected to fail when used with incorrect arguments or in some cases when a dead-lock is detected.
On macOS, `sphore_wait` was not correctly calling `sem_wait` in a loop to repeat the wait operation if it is interrupted by a signal.
On Windows, the AIO tests were failing with the additional assertions. The maximum count that semaphores on Windows could be incremented to was previously, arbitrarily limited to 10000, which was causing the `ReleaseSemaphore` call to fail as the AIO semaphore is signaled 65536 times (for each write operation) in multiple of the AIO tests.
- Remove `ValidateFCurve` function because it's small and only used once.
- Remove unnecessary checks in `SolveBezier`, as all of these conditions are already checked before the function is called.
- Remove unnecessary double negation of `InTang` to improve readability.
- Use `double` literals for `double` comparisons instead of `float` literals.
- Fix comments.
There is no need to divide the times by 1000 when evaluating bezier curves, as all times are relative and the division adds significant inaccuracy, to the point where evaluation of bezier curves goes completely wrong in some cases.
Closes#8005.
Add `IJob::Abortable(bool)` function which jobs can call to specify whether they can be aborted. Jobs are not abortable per default. Abortable jobs may have their state set to `IJob::STATE_ABORTED` at any point if the job was aborted. The job state should be checked periodically in the `IJob::Run` function and the job should terminate at the earliest, safe opportunity when aborted. Scheduled jobs which are not abortable are guaranteed to fully complete before the job pool is shut down. However, if the job pool is already shutting down, no additional jobs will be enqueue anymore and abortable jobs will immediately be aborted.
In particular, the sound loading, community icon loading, master chooser and host lookup jobs are specified as being abortable. Conversely, the jobs saving replay demos, editor maps and screenshots are expected to finish before the client is shut down.
When the client is quitting/restarting, it will now disconnect from the current server first, before saving the config, to ensure that any actions that happen on disconnect (demo recorders being stopped etc.) happen first. The shutdown message is rendered before disconnecting and waiting for background jobs to finish.
The HTTP client is now initialized later during server launch, after the network initialization. Error handling is added and the server stops if the HTTP client could not be initialized, same as the client.
The `RunBlocking` functions are removed, as they are not used anymore after curl-multi was added.
The function `IJob::Status` is renamed to `State` and `IJob::STATE_PENDING` is renamed to `STATE_QUEUED` for consistency with naming of the HTTP client.
The member variables of the engine interface are encapsulated and the `jobs.h` include is removed from `engine.h`, which removes transitive includes of `system.h`.
Documentation for all job and job pool API is added.
Instead of only building the switch entities when the server uses the DDNet/DDrace type. Fix switch entities not being shown anymore on servers which do not mask entities. Regression from #7979.
Call `EnvelopeEval` functions directly instead of passing them and their arguments to `CRenderTools::RenderTilemap` and `CRenderTools::RenderTileRectangle`.
Only evaluate color envelopes for tiles layers once instead of separately for the opaque and transparent passes.
Only evaluate relevant number of envelope channels instead of always evaluating all channels.
Avoid unnecessary calculations by only evaluating position envelopes for quads which are not fully transparent.
Fully ignore layer color and envelope color for entities layers, as these cannot be specified in the editor and should not be changeable.
Remove duplicate and insufficient checks for invalid envelope index before calling `EnvelopeEval`. Instead, set the correct default for all channels before calling `EnvelopeEval` and only change the result on success. Now, white color will consistently be assumed for invalid color envelopes, zero positions and rotations for invalid position envelopes, and full volume for invalid sound envelopes.
Validate number of envelope channels to prevent crashes. When loading maps containing envelopes with invalid number of channels (not equal to 1, 3 or 4), the number of channels of these envelopes is reset to 4 and an error message is displayed, so the mapper can examine all channels' data and transfer it to another envelope if necessary. Closes#7985.
Use consistent margins for all settings pages and titles (except the Appearance settings, which will be covered in the future).
Fix checkbox UI element ID variable `s_LowerRefreshRate` not being `static`.
Improve readability of layout code.
Matching the requester allows "reliable" and "unreliable" pings.
"Reliable" pings suffer from re-sends, thus might not accurately reflect
the latency, "unreliable" pings might not arrive at all.
If the own ghost is the last element in the vector and deleted due to using the `cl_race_ghost_save_best 1` setting then the following accesses with index `Own` were out-of-bounds. Closes#8003.
Add mandatory Boolean attribute `has_finishes` to every community info, which specifies whether finishes can be shown for the community, regardless of whether any finishes are currently available for the player.
The community info must be adjusted when/before merging this, by adding the attribute `has_finishes` to every community object, with the value `true` for DDNet and `false` for all other communities.
Closes#7957.
The check before calling `normalize` incorrectly excludes skins containing zero in any color component instead of excluding only skins with zero in all components. The check can be removed entirely, because it is already checked inside the `normalize` function whether the length of the `vec3` is zero, in which case a zero `vec3` will be returned.
For very large skins which use large color values in at least one component, the `int` used for calculating the blood color could overflow.
Prevent skins with invalid names from being loaded/downloaded.
Improve log messages when skins cannot be loaded.
Remove obsolete check for duplicate skins, as the storage handles duplicate files already.
Instead of adding the placeholder skin to the list of skins only when no skins have been loaded, always create the placeholder skin and use it only when no other skin is available.
Use reasonable values for skin metrics of placeholder skin to improve its rendering.
This adds highlighting color when hovering the main menu buttons (File, Tools, Settings), which was previously missing for these buttons. This also reduced duplicate code.
Extract font size for menu buttons into constant `MENU` in new namespace `EditorFontSizes`.
Use `DoButton_FontIcon` with `FONT_ICON_MINUS`/`FONT_ICON_PLUS` consistently instead of using `DoButton_ButtonDec/Inc` with text labels `+`/`-`.
For yes/no buttons, use `DoButton_Ex` and specify the button corners explicitly instead of using `DoButton_ButtonDec/Inc`.
Reset dragging operation when the dragged button has been unset and reset dragged button when operation has been reset, to prevent the editor from being stuck in either of two inconsistent states. This could be reproduced easily by clicking very quickly while moving the mouse up and down over the groups/layers list.
Do not call `CheckActiveItem` on a UI element (the dragged button) which might not be in view, as this prevents the UI from detecting the invalid active item, when groups/layers are dragged very far and quickly outside the scrollregion.
Closes#6855.
Immediately cancel new HTTP requests instead of enqueuing them when already shutting down `CHttp`. Otherwise, `CChooseMaster` may wait forever for HTTP requests to be completed while the client is shutting down, if `CHttp` was shutdown while `CChooseMaster` is not waiting for an existing HTTP request.
Not directly caused by #7962, but it made it more likely to happen.
Closes#7980.
Edgar
ChillerDragon