Mirrored_Repos/DarkflameServer
1
0
Fork 0
mirror of https://github.com/DarkflameUniverse/DarkflameServer.git synced 2026-06-09 08:14:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: security vulnerabilities (#1980)

Browse Source 
* fix: security vulnerabilities

Tested that all functions related to the touched files work

will test sqlite on a CI build

* fix failing test

* ai feedback

* add buffer size checking

* use c_str

* dont log session key

* Try this for a mac definition

* be quiet apple
This commit is contained in:
David Markowitz
2026-06-07 20:59:11 -07:00
committed by GitHub
parent f6c9a27a2b
commit a156a8fcba
109 changed files with 806 additions and 514 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
dGame/dInventory/Item.cpp
View File

@@ -401,7 +401,8 @@ void Item::Disassemble(const eInventoryType inventoryType) {
const auto deliminator = '+';
while (std::getline(ssData, token, deliminator)) {
const auto modLot = std::stoi(token.substr(2, token.size() - 1));
if (token.size() <= 2) continue; // invalid token, must have size of at least 3.
const auto modLot = GeneralUtils::TryParse(token.substr(2, token.size() - 1), LOT_NULL);
modArray.push_back(modLot);
}
@@ -440,7 +441,10 @@ void Item::DisassembleModel(uint32_t numToDismantle) {
std::vector<std::string> renderAssetSplit = GeneralUtils::SplitString(renderAsset, '/');
if (renderAssetSplit.empty()) return;
std::string lxfmlPath = "BrickModels" + lxfmlFolderName + "/" + GeneralUtils::SplitString(renderAssetSplit.back(), '.').at(0) + ".lxfml";
const auto renderAssetSplitSplit = GeneralUtils::SplitString(renderAssetSplit.back(), '.');
if (renderAssetSplitSplit.empty()) return;
std::string lxfmlPath = "BrickModels" + lxfmlFolderName + "/" + renderAssetSplitSplit[0] + ".lxfml";
auto file = Game::assetManager->GetFile(lxfmlPath.c_str());
if (!file) {