From e5896076fe35f335794c0136cb12768109ad6fea Mon Sep 17 00:00:00 2001 From: Jeija Date: Sun, 1 Jun 2014 10:57:58 +0200 Subject: [PATCH] Make sure #160 cannot be exploited to make servers crash. This is not exactly a fix for the issue, because extremely large circuits (3000+ conductors) still won't work with this applied. This simply aborts any execution if there is the danger of a stack overflow. --- mesecons/internal.lua | 8 ++++++-- mesecons/settings.lua | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/mesecons/internal.lua b/mesecons/internal.lua index ecbfff7..6ed8f74 100644 --- a/mesecons/internal.lua +++ b/mesecons/internal.lua @@ -367,6 +367,7 @@ end function mesecon:turnon(pos, rulename, recdepth) recdepth = recdepth or 2 + if (recdepth > STACK_SIZE) then return end local node = minetest.get_node(pos) if(node.name == "ignore") then @@ -417,6 +418,7 @@ end) function mesecon:turnoff(pos, rulename, recdepth) recdepth = recdepth or 2 + if (recdepth > STACK_SIZE) then return end local node = minetest.get_node(pos) if(node.name == "ignore") then @@ -477,7 +479,9 @@ function mesecon:connected_to_receptor(pos, rulename) return false end -function mesecon:find_receptor_on(pos, checked, rulename) +function mesecon:find_receptor_on(pos, checked, rulename, recdepth) + recdepth = recdepth or 2 + if (recdepth > STACK_SIZE) then return true end -- ignore request local node = minetest.get_node(pos) if mesecon:is_receptor_on(node.name) then @@ -501,7 +505,7 @@ function mesecon:find_receptor_on(pos, checked, rulename) local rulenames = mesecon:rules_link_rule_all_inverted(pos, rule) for _, rname in ipairs(rulenames) do local np = mesecon:addPosRule(pos, rname) - if mesecon:find_receptor_on(np, checked, mesecon:invertRule(rname)) then + if mesecon:find_receptor_on(np, checked, mesecon:invertRule(rname), recdepth + 1) then return true end end diff --git a/mesecons/settings.lua b/mesecons/settings.lua index 160df67..eb34f17 100644 --- a/mesecons/settings.lua +++ b/mesecons/settings.lua @@ -10,3 +10,5 @@ MESECONS_RESUMETIME = 4 -- time to wait when starting the server before OVERHEAT_MAX = 20 -- maximum heat of any component that directly sends an output -- signal when the input changes (e.g. luacontroller, gates) -- Unit: actions per second, checks are every 1 second +STACK_SIZE = 3000 -- Recursive functions will abort when this is reached. Therefore, + -- this is also limits the maximum circuit size.