3987: Fix client use-after-free reported by mmmds r=def- a=ChillerDragon
Fix https://github.com/teeworlds/teeworlds/issues/2645
The `Sv_ReadyToEnter` net message is only valid while we're still
loading stuff, it is used to signal that we can send the `ENTERGAME`
system message. Simply ignoring the server message while we're in the
wrong part of the state machine works.
(cherry picked from commit a97f8a22de)
## Checklist
- [ ] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [ ] Considered possible null pointers and out of bounds array indexing
- [ ] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
Fix https://github.com/teeworlds/teeworlds/issues/2645
The `Sv_ReadyToEnter` net message is only valid while we're still
loading stuff, it is used to signal that we can send the `ENTERGAME`
system message. Simply ignoring the server message while we're in the
wrong part of the state machine works.
(cherry picked from commit a97f8a22de)
3888: Send server info request for ping with different token r=Jupeyy a=heinrich5991
Thanks to @Jupeyy for figuring out this bug.
Previously, the client would send the request for server info and the
server info ping packet with the same token, making the answer
indistinguishable from each other. Fix this by generating a token that
won't collide.
Fixes#3862.
<!-- What is the motivation for the changes of this pull request -->
## Checklist
- [x] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [ ] Considered possible null pointers and out of bounds array indexing
- [ ] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
Thanks to @Jupeyy for figuring out this bug.
Previously, the client would send the request for server info and the
server info ping packet with the same token, making the answer
indistinguishable from each other. Fix this by generating a token that
won't collide.
Fixes#3862.
3881: Use str_length r=def- a=ChillerDragon
Either we should delete str_length or we should use it. Feel free to downvote this pr if u think delete is the way to go.
Co-authored-by: ChillerDragon <ChillerDragon@gmail.com>
3873: Add japanese compressed font r=def- a=TsFreddie
This is a 57kb hiragana/katakana font sits between deja vu sans and source han sans. GlowSansJCompressed is a fork of Source Han Sans so the style and license are the same: https://github.com/welai/glow-sans/blob/master/docs/README-en.md
Was torn between condensed (thiner) font and compressed (thinnest) font, but I figure since we want to fit them better, might as well make more text fit rather than less:
![image](https://user-images.githubusercontent.com/3797859/120436727-e0053f00-c3b1-11eb-8760-4c5afbb4a6da.png)
The font weight is "book" because glow sans has 9 font weights instead of matching source han sans's 7. so the weight name was shifted.
_Japanese translation will come later._
## Checklist
- [ ] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [ ] Considered possible null pointers and out of bounds array indexing
- [ ] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
Co-authored-by: Freddie Wang <tsfreddiewang@gmail.com>
3772: Add client-side HTTP server info r=def- a=heinrich5991
Summary
=======
The idea of this is that clients will not have to ping each server for
server infos which takes long, leaks the client's IP address even to
servers the user does not join and is a DoS vector of the game servers
for attackers.
For the Internet, DDNet and KoG tab, the server list is entirely fetched
from the master server, filtering out servers that don't belong into the
list.
The favorites tab is also supposed to work that way, except for servers
that are marked as "also ping this server if it's not in the master
server list".
The LAN tab continues to broadcast the server info packet to find
servers in the LAN.
How does it work?
=================
The client ships with a list of master server list URLs. On first start,
the client checks which of these work and selects the fastest one.
Querying the server list is a HTTP GET request on that URL. The
response is a JSON document that contains server infos, server addresses
as URLs and an approximate location.
It can also contain a legacy server list which is a list of bare IP
addresses similar to the functionality the old master servers provided
via UDP. This allows us to backtrack on the larger update if it won't
work out.
Lost functionality
==================
(also known as user-visible changes)
Since the client doesn't ping each server in the list anymore, it has no
way of knowing its latency to the servers.
This is alleviated a bit by providing an approximate location for each
server (continent) so the client only has to know its own location for
approximating pings.
## Checklist
- [x] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [ ] Considered possible null pointers and out of bounds array indexing
- [ ] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
The current NETMSG_PING and NETMSG_PING_REPLY messages suffer from the
fact that you cannot know whether a given NETMSG_PING_REPLY is from your
NETMSG_PING.
Summary
=======
The idea of this is that clients will not have to ping each server for
server infos which takes long, leaks the client's IP address even to
servers the user does not join and is a DoS vector of the game servers
for attackers.
For the Internet, DDNet and KoG tab, the server list is entirely fetched
from the master server, filtering out servers that don't belong into the
list.
The favorites tab is also supposed to work that way, except for servers
that are marked as "also ping this server if it's not in the master
server list".
The LAN tab continues to broadcast the server info packet to find
servers in the LAN.
How does it work?
=================
The client ships with a list of master server list URLs. On first start,
the client checks which of these work and selects the fastest one.
Querying the server list is a HTTP GET request on that URL. The
response is a JSON document that contains server infos, server addresses
as URLs and an approximate location.
It can also contain a legacy server list which is a list of bare IP
addresses similar to the functionality the old master servers provided
via UDP. This allows us to backtrack on the larger update if it won't
work out.
Lost functionality
==================
(also known as user-visible changes)
Since the client doesn't ping each server in the list anymore, it has no
way of knowing its latency to the servers.
This is alleviated a bit by providing an approximate location for each
server (continent) so the client only has to know its own location for
approximating pings.
3492: Support F-Client and replace non-extended extension messages r=Learath2 a=heinrich5991
This continues what #3439 started, and also replaces non-extended messages that are DDRace extensions with extended messages. The DDNet server still sends the old message to old clients and the DDNet client still understands the old messages.
Supersedes #3439.
## Checklist
- [x] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [x] Considered possible null pointers and out of bounds array indexing
- [x] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
3559: Don't highlight us if we have no name (alternative fix for #3554) r=heinrich5991 a=def-
<!-- What is the motivation for the changes of this pull request -->
## Checklist
- [x] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [x] Considered possible null pointers and out of bounds array indexing
- [x] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
3561: Fix input message position in teehistorian files r=heinrich5991 a=Zwelf
Previously the message was recorded when incoming. But the time when the input should apply wasn't recorded. Now inputs are recorded right before they get applied in the game world.
And record exact tick where load/save result is returned.
## Checklist
- [x] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [x] Considered possible null pointers and out of bounds array indexing
- [x] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
3565: Add Arabic language translation by .Yukki r=heinrich5991 a=def-
![screenshot-20210131@093216](https://user-images.githubusercontent.com/2335377/106378755-747d7780-63a7-11eb-9553-6a1898907441.png)
## Checklist
- [x] Tested the change ingame
- [x] Provided screenshots if it is a visual change
- [x] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [x] Considered possible null pointers and out of bounds array indexing
- [x] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)
Co-authored-by: fokkonaut <35420825+fokkonaut@users.noreply.github.com>
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
Co-authored-by: def <dennis@felsin9.de>
Co-authored-by: Zwelf <zwelf@strct.cc>
The PLAYERFLAG_AIM can now be set directly on DDNet servers via the 0.7
bridge and will be sent to clients identifying themselves as DDNet
clients.
Add a new extended message that mirror the old `Sv_TeamsState`.
3139: Use NUM_DUMMYS for dummy array length r=def- a=ChillerDragon
Should make code more readable by explaining that the array is used for dummy. Also makes modders life easier if there is a need to scale up dummy count.
I left out two places that do not include client.h
3be8a592e5/src/game/client/prediction/gameworld.h (L92)3be8a592e5/src/game/gamecore.h (L212)
Moving the enum to protocol.h for example is probably not nice.
Co-authored-by: ChillerDrgon <ChillerDragon@gmail.com>
To be friendly to other implementors of the format, the CRC field is now
zeroed out instead of completely gone.
Drop support for v2 and v3 of the ghost format, the ghost files should
have been automatically converted by the client already.
src/engine/shared/snapshot.cpp:72:8: runtime error: signed integer overflow: -1297193910 + -1824658838 cannot be represented in type 'int'
#0 0x565165b0687d in CSnapshot::Crc() /media/ddnet/src/engine/shared/snapshot.cpp:72:8
#1 0x565165c4d20b in CClient::ProcessServerPacket(CNetChunk*) /media/ddnet/src/engine/client/client.cpp:1981:49
#2 0x565165c5d960 in CClient::PumpNetwork() /media/ddnet/src/engine/client/client.cpp:2589:6
#3 0x565165c67a71 in CClient::Update() /media/ddnet/src/engine/client/client.cpp:2856:2
#4 0x565165c72f4e in CClient::Run() /media/ddnet/src/engine/client/client.cpp:3237:4
#5 0x565165c94b7e in main /media/ddnet/src/engine/client/client.cpp:4341:11
#6 0x7fba5af2c151 in __libc_start_main (/usr/lib/libc.so.6+0x28151)
#7 0x5651659e1e0d in _start (/media/ddnet/DDNet+0x705e0d)
Only active player received them, reconnecting dummy a few times lead to
duplicate entries in tab completion. Now only main player is considered
for the completion.
as reported by Betz@lel-$h@l0m on Discord
Purely automatic change. In case of conflict with this change, apply the
other change and rerun the formatting to restore it:
$ python scripts/fix_style.py
when reconnecting after server was full:
[2020-09-25 15:39:34][client]: offline error='This server is full'
Source and destination overlap in strncpy(0xd3328e2, 0xd3328e2, 255)
at 0x483DFDC: strncpy (vg_replace_strmem.c:550)
by 0x249180: str_copy (system.c:2328)
by 0x27E1F5: CClient::Connect(char const*, char const*) (client.cpp:707)
by 0x287864: CClient::Update() (client.cpp:2914)
by 0x28891B: CClient::Run() (client.cpp:3216)
by 0x28EDEC: main (client.cpp:4309)
2814: Remove saving to other servers r=Learath2 a=def-
sv_sql_valid_servernames is no longer required
2818: Load fonts from memory (fixes#2810) r=Learath2 a=def-
Missing: Freeing the memory again. But not so important since we keep
the same fonts until end of process anyway in our case.
@QingGo Could you give this a try from the Github build artifacts? If not, I can provide you a nightly build.
Co-authored-by: def <dennis@felsin9.de>
Missing: Freeing the memory again. But not so important since we keep
the same fonts until end of process anyway in our case.
@QingGo Could you give this a try from the Github build artifacts?
At the moment it only happens the next time you press refresh.
Before we had it so that it always reloaded once the ddnet info arrived,
causing a quick flickering and lots of packets having to be resent every
time someone pressed refresh, even if nothing changed.
The new approach combines the advantages of both without the
disadvantages. An even nicer way would be to compare the json objects,
so that news and version updates don't matter, but our json library
doesn't seem to support that.
Currently, this just shows the current map in the status. Might need
localization data in Steamworks to be available to work in languages
other than English.
CC #2642
- Fix a use-after-free when there are no new snapshots for the cl_dummy tee after the switch.
- When one of the tees is hooked, cycling through them will no longer show phantom hook for the other tee.
- Dummy switch might happen a bit quicker since it doesn't depend on receiving new snapshots.
- Simplified code: m_LastDummy2 is no more.
2279: Only forbid resizing when videorecorder is recording r=heinrich5991 a=def-
2327: List data files in `CMakeLists.txt` r=def- a=heinrich5991
This fixes missing files for people recompiling when we add new data
files.
Co-authored-by: def <dennis@felsin9.de>
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
This gets rid of the problem that we don't know whether we should send
full snapshots to clients because they haven't told us about them being
DDNet yet.
Add libnotify support for linux client
Also unify notification management
Make libnotify mandatory for the client. It is installed on 100% of Arch
Linux systems and on 70% of Debian systems. I'd guess the remaining
Debian systems are servers.
Detect dependent libraries of `libnotify` using `pkg-config`. Remove
library-specific code from the game module. Decrement refcount for
libnotify notification object before leaving the function.
2069: Move global configuration out of client interface r=heinrich5991 a=ChillerDragon
2076: Allow editing multiple tile layer props r=heinrich5991 a=Learath2
Requested by Ravie on discord
2095: Fix `AntibotDestroy` being called twice r=def- a=heinrich5991
The resource deallocation needs to happen in symmetry with the
allocation, otherwise we get unmatched dealloctions leading to crashes.
Allocations happened in `CAntibot::Init`, but it was not guaranteed that
this was called before the destructor.
Co-authored-by: ChillerDragon <ChillerDragon@gmail.com>
Co-authored-by: Learath <learath2@gmail.com>
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
2050: Fix race condition. Closes#2004 r=def- a=Learath2
I guess a new state is better then a global variable
Co-authored-by: Learath <learath2@gmail.com>
- videorecorder only works for recording demos now
- demoplayer was modified to allow controll over the time that passed
in order to get perfect fps, IVideo controlls how much time passed,
basically every rendercall sets the time to record the next frame
OK, maybe not actually remove because it is kept for fallback when the
new method isn't available.
The whole gametype parsing business had the same downsides as user agent
parsing on the web, hence I removed it while keeping behavior the same.
This allows servers to explicitly opt in or out of certain bug
workarounds and other client behavior. This increases the complexity of
different configurations that are available in the client (which is a
bad thing).
1732: Implement ISDDNET and Time Score cleanly r=def- a=Learath2
This is an attempt at implementing the two things in a cleaner way.
Deprecated #1320
Willfix #1622 soon(tm)
Co-authored-by: Learath <learath2@gmail.com>
Co-authored-by: Learath2 <learath2@gmail.com>
Number of minutes of active racing time before being asked to confirm
disconnecting, disconnecting dummy or quitting through GUI. Defaults to
20 minutes, -1 to disable, 0 to always enable.
Also removed confirmation to quit when in main menu, except when having
an unsaved map in editor.
Spectate and kill should already be safe thanks to server-side kill
protection.
SHA256 was chosen because it is reasonably standard, the file names
don't explode in length (this rules out SHA512) and it is supported by
basically all versions of OpenSSL (this rules out SHA512/256 and SHA3).
The protocol is changed in a backward compatible way: The supporting
server sends the SHA256 corresponding to the map in the `MAP_DETAILS`
message prior to sending the `MAP_CHANGE` message. The client saves the
SHA256 obtained from the `MAP_DETAILS` message until the next
`MAP_CHANGE` message.
For servers not supporting this protocol, the client falls back to
simply opening maps like in the previous scheme.
Remove the `map_version` tool, it is not being used and would have been
a little bit effort to update.
Use the OpenSSL implementation of SHA256 if it is supported, otherwise
fall back to a public domain one.
Fix#1127.
1157: Add a way to call for external moderator help r=Learath2 a=heinrich5991
This is done by HTTP POSTing to a location specified by
`sv_modhelp_url`. We also provide a `src/modhelp/server.py` which can
use theses POSTs to forward them to Discord servers.
The POST contains a JSON object payload, with the keys `"port"` which
contains the server port, `"player_id"` which contains the calling
player's client ID, `"player_name"` which contains the calling player's
nick and `"message"` which is the user-specified message.
Make JSON-escaping function public, add tests and fix bugs uncovered by
these tests.
Supersedes #1129.
1160: Fix warning about incompatible function pointers r=Learath2 a=heinrich5991
This comes at the cost of one allocation per started thread. This should
be okay because we're about to invoke a syscall anyway.
Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
1152: send password to first connected server r=heinrich5991 a=ZombieToad
https://github.com/ddnet/ddnet/pull/1149#issuecomment-397538132
fixes issues with connecting to servers with reserved slots
Co-authored-by: ZombieToad <25847476+zombietoad@users.noreply.github.com>
This is done by HTTP POSTing to a location specified by
`sv_modhelp_url`. We also provide a `src/modhelp/server.py` which can
use theses POSTs to forward them to Discord servers.
The POST contains a JSON object payload, with the keys `"port"` which
contains the server port, `"player_id"` which contains the calling
player's client ID, `"player_name"` which contains the calling player's
nick and `"message"` which is the user-specified message.
Make JSON-escaping function public, add tests and fix bugs uncovered by
these tests.
Supersedes #1129.
Replace `mem_free` by `free`, and `mem_alloc` by `malloc` or `calloc`
(the latter one being used to allocate a zeroed array of elements,
sometimes, this makes a call to `mem_zero` superfluous).
This results in having to remove `mem_stats` which previously recorded
the number of allocations and their size that the Teeworlds code did
directly.
Remove OOM handling in `src/game/client/components/binds.cpp`.
Remove needless copying in the CSV code in
`src/game/client/components/statboard.cpp`.
The engine now takes `std::shared_ptr<IJob>`, this will ensure the
appropriate lifetime of the given parameters, it also allows for proper
destruction. Remove the now obsolete `IFetcher` interface and `CFetcher`
class.
Also adds some locks to `CUpdater`, previously it didn't have any locks
at all.
869: Complete rework of the ghost and race recorder r=Learath2 a=Redix
This PR fixes a lot of issues with the ghost and race recorder, introduces a new ghost file format and implements some pretty useful features.
**A quick overview:**
- When you cross the start line multiple times, both (ghost and recorder) will only restart if it is a non-solo server
- If available, both will use the race timer to recognize the start instead of searching for the start line
- Fastcap support for both
- The recorder immediately starts when the Tee spawns, so the preparation steps (which are quite important for speedruns) will be included in the demo. If you do not cross the start-line within 20 seconds, it will stop the demo until you really start.
- Better ghost menu (colors, reloading, deleting and saving ghosts)
- The ghosts are more resistant against lags (old ones were sometimes completely useless due to small lags)
- New ghosts files are significantly smaller
- Cleanup, bugfixes..
**About the new ghost format (version 4/5):**
This format is used by Teerace for over a year now. The code for handling the binary files was moved to the engine. It includes an auto updater which creates a backup of all ghosts and converts them to the new format afterwards. The major differences from the format used by DDNet right now (version 2), are the ability to store multiple types of data, the usage of delta-encoding and a more portable header.
For whatever reason, the ghost stores values for every predicted tick, but without tick information, so lost snapshots can make them unusable. The new code uses the original values from the snapshots including ticks but it can also handle the old ones without. Since hardly any server uses the high bandwidth option this practically reduces the file size.
Like the demo recorder the ghost recorder directly stores the data to a file (every 50 snapshots) instead of writing the whole file at the end of the race. Indeed this can be changed with only a few lines if the old behavior is preferred.
The updater can handle version 2 (DDNet) and 3 (old teerace format, only slightly different from version 2) files. The updating already happens when the files are scanned for generating the list in the menu and not only when you activate them. The change from version 4 to 5 was only needed due to a bug in the implementation, the ghost loader can read both.
Some numbers about the file size: (map: hotrun, both about 30 seconds)
- Old ghost: 30.4 kB (converted: 10.7 kB)
- New ghost: 5.4 kB
**One thing about the race recorder:**
The old implementation compared the new file only with the first file it found for the particular map. The new one compares with all related demos and deletes them possibly, so that only the best demo is left. Since DDNet can also store the demos without name, this might also delete demos from other players, that you might have in your directory.
To prevent this I at least check whether the demo contains the player name if `cl_demo_name` is on.
In my opinion the better solution would be to remove `cl_demo_name` and always use the player name.
```
warning C4291: no matching operator delete found; memory will not be freed if initialization throws an exception
warning C4305: truncation from 'double' to 'float'
warning C4805: unsafe mix of type 'bool' and type 'int' in operation
```
- Single json file containing all information for the client
- Fetched from https://info.ddnet.tw/info?name=deen
- Replaces versionsrv, news, ddnet-maps.json and ddnet-ranks.json
- Servers are sorted by most popular ones for respective player
- Always stays < 100 ms response time, compared to occasional 50 s for
old ddnet-ranks.json
This uses an extended protocol message to signal that rcon
authentication might require a username, allowing the client to enable
the username prompt.
Add a forgotten logout on key update
This system can easily be extended by independent authors without
collisions, something the old system with plain increasing integers did
not allow.
Do this by utilizing the previously unused message code `NETMSG_NULL`
which has a value of 0.
This works for engine and game messages, snapshot items and events.
This means that we have a reliable and fast way to query for extended info,
while also not wasting network bandwidth.
The protocol is designed to be extensible, there's four bytes space for
encoding more request types (currently zeroed), and there's one string in each
response packet and one string for each player available (currently the empty
string).
The protocol itself has no problems with more than 64 players, although the
current client implementation will drop the player info after the 64th player,
because it uses a static array for storage.
Also fixes#130, the player list is just sorted each time new player info
arrives.
This way, servers can no longer hijack the timeout codes of clients.
Timeout codes are generated from md5(seed + dummy + server address).
If `cl_timeout_seed` is set to the empty string, the old config options
are used instead.