aboutsummaryrefslogtreecommitdiff
path: root/NorthstarDedicatedTest/serverauthentication.cpp
diff options
context:
space:
mode:
authorBobTheBob <32057864+BobTheBob9@users.noreply.github.com>2022-01-10 02:45:34 +0000
committerBobTheBob <32057864+BobTheBob9@users.noreply.github.com>2022-01-10 02:45:34 +0000
commit4a16290a48e65d9cb30c7aef6c405043d7c5d182 (patch)
tree0610ffce68238fa121e03e4d55a13b2dcb9cd3ed /NorthstarDedicatedTest/serverauthentication.cpp
parent99d58d760032ff89ff91df9afc58e23b50c011b9 (diff)
downloadNorthstarLauncher-4a16290a48e65d9cb30c7aef6c405043d7c5d182.tar.gz
NorthstarLauncher-4a16290a48e65d9cb30c7aef6c405043d7c5d182.zip
prevent FCVAR_GAMEDLL concommands without FCVAR_CLIENTCMD_CAN_EXECUTE from being called by non-local clients
Diffstat (limited to 'NorthstarDedicatedTest/serverauthentication.cpp')
-rw-r--r--NorthstarDedicatedTest/serverauthentication.cpp26
1 files changed, 26 insertions, 0 deletions
diff --git a/NorthstarDedicatedTest/serverauthentication.cpp b/NorthstarDedicatedTest/serverauthentication.cpp
index 4e3446c2..7253f31b 100644
--- a/NorthstarDedicatedTest/serverauthentication.cpp
+++ b/NorthstarDedicatedTest/serverauthentication.cpp
@@ -7,6 +7,8 @@
#include "gameutils.h"
#include "bansystem.h"
#include "miscserverscript.h"
+#include "concommand.h"
+#include "dedicated.h"
#include <fstream>
#include <filesystem>
#include <thread>
@@ -41,6 +43,8 @@ ProcessConnectionlessPacketType ProcessConnectionlessPacket;
typedef void(*CServerGameDLL__OnRecievedSayTextMessageType)(void* self, unsigned int senderClientIndex, const char* message, char unknown);
CServerGameDLL__OnRecievedSayTextMessageType CServerGameDLL__OnRecievedSayTextMessage;
+typedef void(*ConCommand__DispatchType)(ConCommand* command, const CCommand& args, void* a3);
+ConCommand__DispatchType ConCommand__Dispatch;
// global vars
ServerAuthenticationManager* g_ServerAuthenticationManager;
@@ -310,8 +314,13 @@ void CBaseClient__DisconnectHook(void* self, uint32_t unknownButAlways1, const c
}
// maybe this should be done outside of auth code, but effort to refactor rn and it sorta fits
+// hack: store the client that's executing the current stringcmd for pCommand->Dispatch() hook later
+void* pExecutingGameClient;
+
char CGameClient__ExecuteStringCommandHook(void* self, uint32_t unknown, const char* pCommandString)
{
+ pExecutingGameClient = self;
+
if (CVar_sv_quota_stringcmdspersecond->m_nValue != -1)
{
// note: this isn't super perfect, legit clients can trigger it in lobby, mostly good enough tho imo
@@ -336,6 +345,22 @@ char CGameClient__ExecuteStringCommandHook(void* self, uint32_t unknown, const c
return CGameClient__ExecuteStringCommand(self, unknown, pCommandString);
}
+void ConCommand__DispatchHook(ConCommand* command, const CCommand& args, void* a3)
+{
+ // patch to ensure FCVAR_GAMEDLL concommands without FCVAR_CLIENTCMD_CAN_EXECUTE can't be executed by remote clients
+ if (*sv_m_State == server_state_t::ss_active && command->GetFlags() & FCVAR_GAMEDLL && !(command->GetFlags() & FCVAR_CLIENTCMD_CAN_EXECUTE))
+ {
+ if (IsDedicated())
+ return;
+
+ // hack because don't currently have a way to check GetBaseLocalClient().m_nPlayerSlot
+ if (strcmp((char*)pExecutingGameClient + 0xF500, g_LocalPlayerUserID))
+ return;
+ }
+
+ ConCommand__Dispatch(command, args, a3);
+}
+
char __fastcall CNetChan___ProcessMessagesHook(void* self, void* buf)
{
double startTime = Plat_FloatTime();
@@ -478,6 +503,7 @@ void InitialiseServerAuthentication(HMODULE baseAddress)
ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x2140A0, &CNetChan___ProcessMessagesHook, reinterpret_cast<LPVOID*>(&CNetChan___ProcessMessages));
ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x104FB0, &CBaseClient__SendServerInfoHook, reinterpret_cast<LPVOID*>(&CBaseClient__SendServerInfo));
ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x117800, &ProcessConnectionlessPacketHook, reinterpret_cast<LPVOID*>(&ProcessConnectionlessPacket));
+ ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x417440, &ConCommand__DispatchHook, reinterpret_cast<LPVOID*>(&ConCommand__Dispatch));
// patch to disable kicking based on incorrect serverfilter in connectclient, since we repurpose it for use as an auth token
{