From e9385e6eb68f425ab9c016e4dda7b8465a482412 Mon Sep 17 00:00:00 2001
From: Nicholas Hastings
Date: Mon, 17 Dec 2012 14:34:44 -0500
Subject: [PATCH] Validate entity in GameRules_GetPropEnt and in CS_DropWeapon safety checks.
---
 extensions/cstrike/natives.cpp | 2 +-
 extensions/sdktools/gamerulesnatives.cpp | 9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/extensions/cstrike/natives.cpp b/extensions/cstrike/natives.cpp
index 3e1dcd0a..67612e4c 100644
--- a/extensions/cstrike/natives.cpp
+++ b/extensions/cstrike/natives.cpp
@@ -221,7 +221,7 @@ static cell_t CS_DropWeapon(IPluginContext *pContext, const cell_t *params)
 return pContext->ThrowNativeError("Invalid entity index %d for weapon", params[2]);
 CBaseHandle &hndl = *(CBaseHandle *)((uint8_t *)pWeapon + spi.actual_offset);
- if (params[1] != hndl.GetEntryIndex())
+ if (params[1] != hndl.GetEntryIndex() || hndl != ((IServerEntity *)pEntity)->GetRefEHandle())
 return pContext->ThrowNativeError("Weapon %d is not owned by client %d", params[2], params[1]);
 if (params[4] == 1 && g_pCSWeaponDropDetoured)
diff --git a/extensions/sdktools/gamerulesnatives.cpp b/extensions/sdktools/gamerulesnatives.cpp
index 23346313..92ac52ed 100644
--- a/extensions/sdktools/gamerulesnatives.cpp
+++ b/extensions/sdktools/gamerulesnatives.cpp
@@ -339,9 +339,14 @@ static cell_t GameRules_GetPropEnt(IPluginContext *pContext, const cell_t *param
 void *pGameRules = *g_pGameRules;
 CBaseHandle &hndl = *(CBaseHandle *)((intptr_t)pGameRules + offset);
+ CBaseEntity *pEntity = gamehelpers->ReferenceToEntity(hndl.GetEntryIndex());
- int ref = gamehelpers->IndexToReference(hndl.GetEntryIndex());
- return gamehelpers->ReferenceToBCompatRef(ref);
+ if (!pEntity || ((IServerEntity *)pEntity)->GetRefEHandle() != hndl)
+ {
+ return -1;
+ }
+
+ return gamehelpers->EntityToBCompatRef(pEntity);
 }
 static cell_t GameRules_SetPropEnt(IPluginContext *pContext, const cell_t *params)
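Review bot: The added `hndl != ((IServerEntity *)pEntity)->GetRefEHandle()` dereferences `pEntity`, whose lookup and null check are not visible in this hunk (CS_DropWeapon starts above it), so confirm that every path reaching this line holds a non-null client entity. If CBaseEntity is only forward-declared in this extension, the C-style cast is a reinterpret cast and relies on IServerEntity sitting at offset 0; the same cast appears in the GameRules_GetPropEnt hunk. The reason the index comparison alone was not enough should be recorded next to the condition, for example `// Compare full handles: a reused entity slot keeps its index but gets a new serial number.`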
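Review bot: An unset handle is rejected only indirectly in the new GameRules_GetPropEnt code: `hndl.GetEntryIndex()` on an invalid handle still yields an index, and the result then depends on `ReferenceToEntity` returning NULL for it. An explicit `if (!hndl.IsValid()) return -1;` before the lookup would state the intent and remove the dependence on how the helper treats an out-of-range index. The `-1` result also deserves a comment such as `// -1: no entity, or the stored handle is stale`. The function body starts outside the hunk, so whether `*g_pGameRules` and `offset` are validated before the pointer arithmetic cannot be seen from here.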