aboutsummaryrefslogtreecommitdiff
path: root/primedev/shared/exploit_fixes
diff options
context:
space:
mode:
Diffstat (limited to 'primedev/shared/exploit_fixes')
-rw-r--r--primedev/shared/exploit_fixes/exploitfixes.cpp36
1 files changed, 24 insertions, 12 deletions
diff --git a/primedev/shared/exploit_fixes/exploitfixes.cpp b/primedev/shared/exploit_fixes/exploitfixes.cpp
index d96bc41e..1b3069f5 100644
--- a/primedev/shared/exploit_fixes/exploitfixes.cpp
+++ b/primedev/shared/exploit_fixes/exploitfixes.cpp
@@ -120,19 +120,31 @@ bool, __fastcall, (void* pMsg)) // 48 8B D1 48 8B 49 18 48 8B 01 48 FF 60 10
if (!nameValid || !valValid)
return BLOCKED_INFO("Missing null terminators");
- ConVar* pVar = g_pCVar->FindVar(entry->name);
-
- if (pVar)
+ // we only need to check if these cvars are valid on client as it will set actual cvars there
+ // on server this won't set any actual convars, only keyvalues in the player, which doesn't have really any potential for dumb
+ // stuff
+ if (!bIsServerFrame)
{
- memcpy(
- entry->name,
- pVar->m_ConCommandBase.m_pszName,
- strlen(pVar->m_ConCommandBase.m_pszName) + 1); // Force name to match case
-
- int iFlags = bIsServerFrame ? FCVAR_USERINFO : FCVAR_REPLICATED;
- if (!pVar->IsFlagSet(iFlags))
- return BLOCKED_INFO(
- "Invalid flags (" << std::hex << "0x" << pVar->m_ConCommandBase.m_nFlags << "), var is " << entry->name);
+ ConVar* pVar = g_pCVar->FindVar(entry->name);
+ if (pVar)
+ {
+ memcpy(
+ entry->name,
+ pVar->m_ConCommandBase.m_pszName,
+ strlen(pVar->m_ConCommandBase.m_pszName) + 1); // Force name to match case
+
+ if (!pVar->IsFlagSet(FCVAR_REPLICATED))
+ {
+ spdlog::warn(
+ "Blocking replication of remote cvar {} from server (server's var has flag REPLICATED, while ours does not)",
+ entry->name);
+
+ // don't block, as non-malicious servers might send bad cvars, and we still want those clients to be able to
+ // connect
+ memset(entry->name, 0, ENTRY_STR_LEN);
+ memset(entry->val, 0, ENTRY_STR_LEN);
+ }
+ }
}
}
else