Patch fast/teleport vulnerability when attached to an entity (#10340)

1 files changed, 24 insertions, 1 deletions

diff --git a/src/server/player_sao.cpp b/src/server/player_sao.cpp
index 67efed210..e5b239bba 100644
--- a/src/server/player_sao.cpp
+++ b/src/server/player_sao.cpp
@@ -558,11 +558,34 @@ void PlayerSAO::setMaxSpeedOverride(const v3f &vel)
 
 bool PlayerSAO::checkMovementCheat()
 {
-	if (isAttached() || m_is_singleplayer ||
+	if (m_is_singleplayer ||
 			g_settings->getBool("disable_anticheat")) {
 		m_last_good_position = m_base_position;
 		return false;
 	}
+	if (UnitSAO *parent = dynamic_cast<UnitSAO *>(getParent())) {
+		v3f attachment_pos;
+		{
+			int parent_id;
+			std::string bone;
+			v3f attachment_rot;
+			getAttachment(&parent_id, &bone, &attachment_pos, &attachment_rot);
+		}
+
+		v3f parent_pos = parent->getBasePosition();
+		f32 diff = m_base_position.getDistanceFromSQ(parent_pos) - attachment_pos.getLengthSQ();
+		const f32 maxdiff = 4.0f * BS; // fair trade-off value for various latencies
+
+		if (diff > maxdiff * maxdiff) {
+			setBasePosition(parent_pos);
+			actionstream << "Server: " << m_player->getName()
+					<< " moved away from parent; diff=" << sqrtf(diff) / BS
+					<< " resetting position." << std::endl;
+			return true;
+		}
+		// Player movement is locked to the entity. Skip further checks
+		return false;
+	}
 
 	bool cheated = false;
 	/*