Validate entity in GameRules_GetPropEnt and in CS_DropWeapon safety checks.
This commit is contained in:
parent
80f7e3092b
commit
e9385e6eb6
@ -221,7 +221,7 @@ static cell_t CS_DropWeapon(IPluginContext *pContext, const cell_t *params)
|
|||||||
return pContext->ThrowNativeError("Invalid entity index %d for weapon", params[2]);
|
return pContext->ThrowNativeError("Invalid entity index %d for weapon", params[2]);
|
||||||
|
|
||||||
CBaseHandle &hndl = *(CBaseHandle *)((uint8_t *)pWeapon + spi.actual_offset);
|
CBaseHandle &hndl = *(CBaseHandle *)((uint8_t *)pWeapon + spi.actual_offset);
|
||||||
if (params[1] != hndl.GetEntryIndex())
|
if (params[1] != hndl.GetEntryIndex() || hndl != ((IServerEntity *)pEntity)->GetRefEHandle())
|
||||||
return pContext->ThrowNativeError("Weapon %d is not owned by client %d", params[2], params[1]);
|
return pContext->ThrowNativeError("Weapon %d is not owned by client %d", params[2], params[1]);
|
||||||
|
|
||||||
if (params[4] == 1 && g_pCSWeaponDropDetoured)
|
if (params[4] == 1 && g_pCSWeaponDropDetoured)
|
||||||
|
@ -339,9 +339,14 @@ static cell_t GameRules_GetPropEnt(IPluginContext *pContext, const cell_t *param
|
|||||||
void *pGameRules = *g_pGameRules;
|
void *pGameRules = *g_pGameRules;
|
||||||
|
|
||||||
CBaseHandle &hndl = *(CBaseHandle *)((intptr_t)pGameRules + offset);
|
CBaseHandle &hndl = *(CBaseHandle *)((intptr_t)pGameRules + offset);
|
||||||
|
CBaseEntity *pEntity = gamehelpers->ReferenceToEntity(hndl.GetEntryIndex());
|
||||||
|
|
||||||
int ref = gamehelpers->IndexToReference(hndl.GetEntryIndex());
|
if (!pEntity || ((IServerEntity *)pEntity)->GetRefEHandle() != hndl)
|
||||||
return gamehelpers->ReferenceToBCompatRef(ref);
|
{
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return gamehelpers->EntityToBCompatRef(pEntity);
|
||||||
}
|
}
|
||||||
|
|
||||||
static cell_t GameRules_SetPropEnt(IPluginContext *pContext, const cell_t *params)
|
static cell_t GameRules_SetPropEnt(IPluginContext *pContext, const cell_t *params)
|
||||||
|
Loading…
Reference in New Issue
Block a user