new button in diplomacy to request an attack to allies, works also for AIs, fix…
Concern Raised: rP16533

Description

new button in diplomacy to request an attack to allies, works also for AIs, fix #3157

Details

Auditors: elexis
Committed: mimo, Apr 11 2015, 8:46 PM
Parents: rP16532: Petra: update the target of an attack when it has been captured
Branches: Unknown
Tags: Unknown

Event Timeline

elexis raised a concern with this commit. (Oct 9 2019, 9:10 PM)
elexis added a subscriber: elexis.
elexis added inline comments.
/ps/trunk/binaries/data/mods/public/simulation/ai/petra/attackManager.js
57

TLDR: appears to be an "exploitable" simulation bug. A malicious player could order an enemy petra AI to attack a different enemy (to deflect their forces in a 2v2v2 for example).

evt.source is intended to be the sender of the simulation command, but this JS object is constructed by the sender, so it can also be changed 'maliciously' (whereas the NetServer sets the ID of the player who sent the simulation command, thus can't be freely chosen by the client as long as the host is trusted (see also https://trac.wildfiregames.com/wiki/SimulationRequirements#Cheatprevention)).

As the GUIInterface doesn't pass the trusted player variable,

Analogous to https://code.wildfiregames.com/rP19247#38802

This commit now has outstanding concerns. (Oct 9 2019, 9:10 PM)
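The trust boundary raised in the concern above, as an added example that is not code from the commit or from 0 A.D.: a handler that copies the client-built `source` field next to one that uses only the sender ID stamped by the server. All function names, the command shape, the alliance table and the assumption that the AI honours requests only from allies are hypothetical.

```javascript
// Hypothetical model, not 0 A.D.'s API. `player` is the sender ID stamped by
// the server; every field inside `cmd` is built by the client and untrusted.

// Constructed diplomacy state for a 2v2v2: teams {1,2}, {3,4}, {5,6}.
const ALLIES = { 1: [2], 2: [1], 3: [4], 4: [3], 5: [6], 6: [5] };

function isAlly(a, b) {
  return (ALLIES[a] || []).includes(b);
}

// Before: the event's source is whatever the client wrote into the command.
function handleAttackRequestUnsafe(player, cmd) {
  return { type: "AttackRequest", source: cmd.source, to: cmd.to, target: cmd.target };
}

// After: cmd.source is ignored. The source is the server-stamped sender, and
// the sender's relationship to recipient and target is re-checked here.
function handleAttackRequestSafe(player, cmd) {
  if (!Number.isInteger(cmd.to) || !Number.isInteger(cmd.target)) return null;
  if (!isAlly(player, cmd.to)) return null;        // may only ask own allies
  if (cmd.target === player || isAlly(player, cmd.target)) return null;
  return { type: "AttackRequest", source: player, to: cmd.to, target: cmd.target };
}

// Assumed AI-side policy: act only on requests addressed to me by an ally.
function aiAcceptsRequest(aiPlayer, evt) {
  return evt !== null && evt.to === aiPlayer && isAlly(aiPlayer, evt.source);
}

// Constructed command: claims to come from player 4, asks AI 3 to attack 1.
const SAMPLE_CMD = { source: 4, to: 3, target: 1 };

function demo() {
  return {
    // Real sender is 5 (an enemy of 3), but the claimed source is trusted.
    unsafeFromEnemy: aiAcceptsRequest(3, handleAttackRequestUnsafe(5, SAMPLE_CMD)),
    // Same bytes, hardened handler: sender 5 is not an ally of 3.
    safeFromEnemy: aiAcceptsRequest(3, handleAttackRequestSafe(5, SAMPLE_CMD)),
    // Genuine request from player 4 still works.
    safeFromAlly: aiAcceptsRequest(3, handleAttackRequestSafe(4, SAMPLE_CMD)),
  };
}
```
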