Home Explore Help
Sign In
Godot
/
godot
mirror of https://github.com/godotengine/godot.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Multiplayer API now respects allow_object_decoding

Add doc about allow_object_decoding in PacketPeer
Fabio Alessandrelli 6 years ago
parent
e61a074a8e
commit
53ab3a1ba9
2 changed files with 8 additions and 6 deletions
Unified View Show Diff Stats
  1. 6 6
      core/io/multiplayer_api.cpp
  2. 2 0
      doc/classes/PacketPeer.xml

+ 6 - 6
core/io/multiplayer_api.cpp
View File 

@@ -299,7 +299,7 @@ void MultiplayerAPI::_process_rpc(Node *p_node, const StringName &p_name, int p_
 
 		ERR_FAIL_COND(p_offset >= p_packet_len);
 
 		ERR_FAIL_COND(p_offset >= p_packet_len);
 
 
 
 		int vlen;
 
 		int vlen;
 
-		Error err = decode_variant(args.write[i], &p_packet[p_offset], p_packet_len - p_offset, &vlen);
 
+		Error err = decode_variant(args.write[i], &p_packet[p_offset], p_packet_len - p_offset, &vlen, network_peer->is_object_decoding_allowed());
 
 		ERR_EXPLAIN("Invalid packet received. Unable to decode RPC argument.");
 
 		ERR_EXPLAIN("Invalid packet received. Unable to decode RPC argument.");
 
 		ERR_FAIL_COND(err != OK);
 
 		ERR_FAIL_COND(err != OK);
 
 
 
@@ -335,7 +335,7 @@ void MultiplayerAPI::_process_rset(Node *p_node, const StringName &p_name, int p
 
 	ERR_FAIL_COND(!_can_call_mode(p_node, rset_mode, p_from));
 
 	ERR_FAIL_COND(!_can_call_mode(p_node, rset_mode, p_from));
 
 
 
 	Variant value;
 
 	Variant value;
 
-	Error err = decode_variant(value, &p_packet[p_offset], p_packet_len - p_offset);
 
+	Error err = decode_variant(value, &p_packet[p_offset], p_packet_len - p_offset, NULL, network_peer->is_object_decoding_allowed());
 
 
 
 	ERR_EXPLAIN("Invalid packet received. Unable to decode RSET value.");
 
 	ERR_EXPLAIN("Invalid packet received. Unable to decode RSET value.");
 
 	ERR_FAIL_COND(err != OK);
 
 	ERR_FAIL_COND(err != OK);
 
@@ -526,11 +526,11 @@ void MultiplayerAPI::_send_rpc(Node *p_from, int p_to, bool p_unreliable, bool p
 
 
 
 	if (p_set) {
 
 	if (p_set) {
 
 		// Set argument.
 
 		// Set argument.
 
-		Error err = encode_variant(*p_arg[0], NULL, len);
 
+		Error err = encode_variant(*p_arg[0], NULL, len, network_peer->is_object_decoding_allowed());
 
 		ERR_EXPLAIN("Unable to encode RSET value. THIS IS LIKELY A BUG IN THE ENGINE!");
 
 		ERR_EXPLAIN("Unable to encode RSET value. THIS IS LIKELY A BUG IN THE ENGINE!");
 
 		ERR_FAIL_COND(err != OK);
 
 		ERR_FAIL_COND(err != OK);
 
 		MAKE_ROOM(ofs + len);
 
 		MAKE_ROOM(ofs + len);
 
-		encode_variant(*p_arg[0], &(packet_cache.write[ofs]), len);
 
+		encode_variant(*p_arg[0], &(packet_cache.write[ofs]), len, network_peer->is_object_decoding_allowed());
 
 		ofs += len;
 
 		ofs += len;
 
 
 
 	} else {
 
 	} else {
 
@@ -539,11 +539,11 @@ void MultiplayerAPI::_send_rpc(Node *p_from, int p_to, bool p_unreliable, bool p
 
 		packet_cache.write[ofs] = p_argcount;
 
 		packet_cache.write[ofs] = p_argcount;
 
 		ofs += 1;
 
 		ofs += 1;
 
 		for (int i = 0; i < p_argcount; i++) {
 
 		for (int i = 0; i < p_argcount; i++) {
 
-			Error err = encode_variant(*p_arg[i], NULL, len);
 
+			Error err = encode_variant(*p_arg[i], NULL, len, network_peer->is_object_decoding_allowed());
 
 			ERR_EXPLAIN("Unable to encode RPC argument. THIS IS LIKELY A BUG IN THE ENGINE!");
 
 			ERR_EXPLAIN("Unable to encode RPC argument. THIS IS LIKELY A BUG IN THE ENGINE!");
 
 			ERR_FAIL_COND(err != OK);
 
 			ERR_FAIL_COND(err != OK);
 
 			MAKE_ROOM(ofs + len);
 
 			MAKE_ROOM(ofs + len);
 
-			encode_variant(*p_arg[i], &(packet_cache.write[ofs]), len);
 
+			encode_variant(*p_arg[i], &(packet_cache.write[ofs]), len, network_peer->is_object_decoding_allowed());
 
 			ofs += len;
 
 			ofs += len;
 
 		}
 
 		}
 
 	}
 
 	}

+ 2 - 0
doc/classes/PacketPeer.xml
View File 

@@ -60,6 +60,8 @@
 
 	</methods>
 
 	</methods>
 
 	<members>
 
 	<members>
 
 		<member name="allow_object_decoding" type="bool" setter="set_allow_object_decoding" getter="is_object_decoding_allowed">
 
 		<member name="allow_object_decoding" type="bool" setter="set_allow_object_decoding" getter="is_object_decoding_allowed">
 
+			If [code]true[/code] the PacketPeer will allow encoding and decoding of object via [method get_var] and [method put_var].
 
+			[b]WARNING:[/b] Deserialized object can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats (remote code execution).
 
 		</member>
 
 		</member>
 
 	</members>
 
 	</members>
 
 	<constants>
 
 	<constants>