By sending a tribute with NaN resources to any player, that player gains infinite resources.
Details
Details
- Reviewers
- None
- Commits
- rP19836: Prevent a tribute exploit (gaining infinite resources by sending a tribute of…
- Trac Tickets
- #4459
I read through Commands.js from top to bottom and it seems this was the last of these simulation exploits.
We have fixed the Barter exploit in D381,
the batch-training one in D66,
the entity colorization and exit command in D65,
the developer cheat simulation commands in D455.
All the other commands pass entities which are always filtered beforehand by ProcessCommand.
Some of these commands (like a tribute-request to an AI with missing properties) can cause warnings to appear, but no player gains any advantage of them afaics.
A test file wasn't edited here since we run into the "muting of the warning" issue again.
Diff Detail
Diff Detail
- Repository
- rP 0 A.D. Public Repository
- Lint
Automatic diff as part of commit; lint not applicable. - Unit
Automatic diff as part of commit; unit tests not applicable.
Event Timeline
Comment Actions
Executing section Default... Executing section Source... Executing section JS... binaries/data/mods/public/simulation/components/Player.js | 134| » if·(num·!=·0·&&·num·>·(this.GetPopulationLimit()·-·this.GetPopulationCount())) | | [NORMAL] JSHintBear: | | Use '!==' to compare with '0'. binaries/data/mods/public/simulation/components/Player.js | 266| » » if·(this.resourceCount[type]·!=·undefined·&&·amounts[type]·>·this.resourceCount[type]) | | [NORMAL] JSHintBear: | | Use '!==' to compare with 'undefined'. binaries/data/mods/public/simulation/components/Player.js | 269| » if·(Object.keys(amountsNeeded).length·==·0) | | [NORMAL] JSHintBear: | | Use '===' to compare with '0'. binaries/data/mods/public/simulation/components/Player.js | 323| » for·(var·type·in·amounts) | | [NORMAL] JSHintBear: | | 'type' is already defined. binaries/data/mods/public/simulation/components/Player.js | 692| » return·this.diplomacy[id]·==·0; | | [NORMAL] JSHintBear: | | Use '===' to compare with '0'. Executing section XML GUI... Executing section Python... Executing section Perl...
http://jw:8080/job/phabricator_lint/238/ for more details.
Comment Actions
Build is green
Updating workspaces. Build (release)... Build (debug)... Running release tests... Running cxxtest tests (306 tests)..................................................................................................................................................................................................................................................................................................................OK! Running debug tests... Running cxxtest tests (306 tests)..................................................................................................................................................................................................................................................................................................................OK! Checking XML files...
http://jw:8080/job/phabricator/1631/ for more details.