aboutsummaryrefslogtreecommitdiff
path: root/NorthstarDedicatedTest/securitypatches.cpp
blob: ee16593bc8f5b650e7203249414efa9e512d8475 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#include "pch.h"
#include "securitypatches.h"
#include "hookutils.h"
#include "concommand.h"
#include "gameutils.h"
#include "convar.h"

typedef bool (*IsValveModType)();
IsValveModType IsValveMod;

bool IsValveModHook()
{
	// basically: by default r2 isn't set as a valve mod, meaning that m_bRestrictServerCommands is false
	// this is HORRIBLE for security, because it means servers can run arbitrary concommands on clients
	// especially since we have script commands this could theoretically be awful
	return !CommandLine()->CheckParm("-norestrictservercommands");
}

void InitialiseClientEngineSecurityPatches(HMODULE baseAddress)
{
	HookEnabler hook;

	// note: this could break some things
	ENABLER_CREATEHOOK(hook, (char*)baseAddress + 0x1C6360, &IsValveModHook, reinterpret_cast<LPVOID*>(&IsValveMod));

	// patches to make commands run from client/ui script still work
	// note: this is likely preventable in a nicer way? test prolly
	{
		void* ptr = (char*)baseAddress + 0x4FB65;
		TempReadWrite rw(ptr);

		*((char*)ptr) = (char)0xEB;
		*((char*)ptr + 1) = (char)0x11;
	}

	{
		void* ptr = (char*)baseAddress + 0x4FBAC;
		TempReadWrite rw(ptr);

		*((char*)ptr) = (char)0xEB;
		*((char*)ptr + 1) = (char)0x16;
	}

	// byte patches to patch concommands that this messes up that we need
	{
		// disconnect concommand
		void* ptr = (char*)baseAddress + 0x5ADA2D;
		TempReadWrite rw(ptr);

		*((int*)ptr) |= FCVAR_SERVER_CAN_EXECUTE;
	}
}