diff options
| author | red-001 <red-001@outlook.ie> | 2018-02-18 21:33:42 +0000 |
|---|---|---|
| committer | Loïc Blot <nerzhul@users.noreply.github.com> | 2018-02-18 22:33:42 +0100 |
| commit | 4bb41a19dc74fa31cb021dc3b5622814d67fbd6f (patch) | |
| tree | 6feeb93fb40c041907250e045cf54643c1b3821d /src/server.h | |
| parent | 63bcd3303622d52770fc54a4cbff07206f77d8cf (diff) | |
| download | minetest-4bb41a19dc74fa31cb021dc3b5622814d67fbd6f.tar.gz minetest-4bb41a19dc74fa31cb021dc3b5622814d67fbd6f.tar.bz2 minetest-4bb41a19dc74fa31cb021dc3b5622814d67fbd6f.zip | |
Mitigate formspec exploits by verifying that the formspec was shown to the user by the server. (#6878)
This doesn't check the fields in anyway whatsoever so it should only be seen as a way to mitigate exploits, a last line of defense to make it harder to exploit bugs in mods, not as a reason to not do all the usually checks.
Diffstat (limited to 'src/server.h')
| -rw-r--r-- | src/server.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/server.h b/src/server.h index b5db04c8a..13c21067c 100644 --- a/src/server.h +++ b/src/server.h @@ -591,6 +591,8 @@ private: */ std::queue<con::PeerChange> m_peer_change_queue; + std::unordered_map<session_t, std::string> m_formspec_state_data; + /* Random stuff */ |