mirror of
https://github.com/ZDoom/gzdoom-gles.git
synced 2024-11-11 15:22:15 +00:00
- use a whitelist for DoCommand zscript command
This commit is contained in:
Rachael Alexanderson
parent
de12902d77
commit
f77ba14948
1 changed files with 17 additions and 1 deletions
|
|
@ -664,13 +664,29 @@ void C_DoCommand (const char *cmd, int keynum)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define ZS_SAFE_COMMAND(ccmd) if (stricmp(cmd, #ccmd) == 0) return true;
|
||||||
|
|
||||||
|
bool C_ZSIsSafe(FString cmd)
|
||||||
|
{
|
||||||
|
ZS_SAFE_COMMAND(snd_reset)
|
||||||
|
ZS_SAFE_COMMAND(reset2defaults)
|
||||||
|
ZS_SAFE_COMMAND(menuconsole)
|
||||||
|
ZS_SAFE_COMMAND(clearnodecache)
|
||||||
|
ZS_SAFE_COMMAND(am_restorecolors)
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// This is only accessible to the special menu item to run CCMDs.
|
// This is only accessible to the special menu item to run CCMDs.
|
||||||
DEFINE_ACTION_FUNCTION(DOptionMenuItemCommand, DoCommand)
|
DEFINE_ACTION_FUNCTION(DOptionMenuItemCommand, DoCommand)
|
||||||
{
|
{
|
||||||
if (CurrentMenu == nullptr) return 0;
|
if (CurrentMenu == nullptr) return 0;
|
||||||
PARAM_PROLOGUE;
|
PARAM_PROLOGUE;
|
||||||
PARAM_STRING(cmd);
|
PARAM_STRING(cmd);
|
||||||
C_DoCommand(cmd);
|
if (C_ZSIsSafe(cmd))
|
||||||
|
C_DoCommand(cmd);
|
||||||
|
else
|
||||||
|
Printf("Script attempted to call unsafe command '%s'\n", cmd);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue