cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
98feff17c7
openbsd-ports/games/openttd/patches/patch-src_rail_cmd_cpp
jasper e3fa076a28 Security fix for CVE-2012-3436, 
Denial of service (server) using ships on half tiles and landscaping.
2012-08-21 18:01:42 +00:00

48 lines
2.2 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-src_rail_cmd_cpp,v 1.1 2012/08/21 18:01:42 jasper Exp $
Security fixes for CVE-2012-3436, DoS (server) using ships on half tiles
and landscaping: http://security.openttd.org/en/CVE-2012-3436:
- Fix [FS#5254]: In some cases ships could be covered with land.
http://vcs.openttd.org/svn/changeset/24439
- Fix [FS#5254]: Coast and sea are not the same.
http://vcs.openttd.org/svn/changeset/24449
--- src/rail_cmd.cpp.orig Tue Aug 21 19:47:32 2012
+++ src/rail_cmd.cpp Tue Aug 21 19:58:24 2012
@@ -2527,7 +2527,7 @@ set_ground:
static TrackStatus GetTileTrackStatus_Track(TileIndex tile, TransportType mode, uint sub_mode, DiagDirection side)
{
/* Case of half tile slope with water. */
- if (mode == TRANSPORT_WATER && IsPlainRail(tile) && GetRailGroundType(tile) == RAIL_GROUND_WATER) {
+ if (mode == TRANSPORT_WATER && IsPlainRail(tile) && GetRailGroundType(tile) == RAIL_GROUND_WATER && IsSlopeWithOneCornerRaised(GetTileSlope(tile, NULL))) {
TrackBits tb = GetTrackBits(tile);
switch (tb) {
default: NOT_REACHED();
@@ -2831,6 +2831,14 @@ static CommandCost TestAutoslopeOnRailTile(TileIndex t
return cost;
}
+/**
+ * Test-procedure for HasVehicleOnPos to check for a ship.
+ */
+static Vehicle *EnsureNoShipProc(Vehicle *v, void *data)
+{
+ return v->type == VEH_SHIP ? v : NULL;
+}
+
static CommandCost TerraformTile_Track(TileIndex tile, DoCommandFlag flags, uint z_new, Slope tileh_new)
{
uint z_old;
@@ -2839,6 +2847,9 @@ static CommandCost TerraformTile_Track(TileIndex tile,
TrackBits rail_bits = GetTrackBits(tile);
/* Is there flat water on the lower halftile that must be cleared expensively? */
bool was_water = (GetRailGroundType(tile) == RAIL_GROUND_WATER && IsSlopeWithOneCornerRaised(tileh_old));
+
+ /* Allow clearing the water only if there is no ship */
+ if (was_water && HasVehicleOnPos(tile, NULL, &EnsureNoShipProc)) return_cmd_error(STR_ERROR_SHIP_IN_THE_WAY);
/* First test autoslope. However if it succeeds we still have to test the rest, because non-autoslope terraforming is cheaper. */
CommandCost autoslope_result = TestAutoslopeOnRailTile(tile, flags, z_old, tileh_old, z_new, tileh_new, rail_bits);
Reference in New Issue View Git Blame Copy Permalink