Mirrorlandia_minetest/3d_armor
1
0
Fork 0
mirror of https://github.com/minetest-mods/3d_armor.git synced 2024-11-26 06:13:45 +01:00
Code Issues Projects Releases Wiki Activity

Fix detached inventory vulnerability (#23)

Browse Source
This commit is contained in:
Maksim 2020-11-03 22:22:14 +01:00 committed by GitHub
parent 7436fcdffe
commit 5958b312ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
3d_armor/init.lua
View File

@ -13,7 +13,7 @@ local S = armor.get_translator
-- integration test -- integration test
if minetest.settings:get_bool("enable_3d_armor_integration_test") then if minetest.settings:get_bool("enable_3d_armor_integration_test") then
dofile(modpath.."/integration_test.lua") dofile(modpath.."/integration_test.lua")
end end
@ -66,7 +66,7 @@ end
if minetest.get_modpath("technic") then if minetest.get_modpath("technic") then
armor.formspec = armor.formspec.. armor.formspec = armor.formspec..
"label[5,2.5;"..F(S("Radiation"))..": armor_group_radiation]" "label[5,2.5;"..F(S("Radiation"))..": armor_group_radiation]"
armor:register_armor_group("radiation") armor:register_armor_group("radiation")
end end
local skin_mods = {"skins", "u_skins", "simple_skins", "wardrobe"} local skin_mods = {"skins", "u_skins", "simple_skins", "wardrobe"}
@ -95,9 +95,9 @@ dofile(modpath.."/armor.lua")
armor.formspec = armor.formspec.. armor.formspec = armor.formspec..
"label[5,1;"..F(S("Level"))..": armor_level]".. "label[5,1;"..F(S("Level"))..": armor_level]"..
"label[5,1.5;"..F(S("Heal"))..": armor_attr_heal]" "label[5,1.5;"..F(S("Heal"))..": armor_attr_heal]"
if armor.config.fire_protect then if armor.config.fire_protect then
armor.formspec = armor.formspec.."label[5,2;"..F(S("Fire"))..": armor_attr_fire]" armor.formspec = armor.formspec.."label[5,2;"..F(S("Fire"))..": armor_attr_fire]"
end end
armor:register_on_damage(function(player, index, stack) armor:register_on_damage(function(player, index, stack)
local name = player:get_player_name() local name = player:get_player_name()
@ -193,6 +193,9 @@ local function init_player_armor(initplayer)
armor:set_player_armor(player) armor:set_player_armor(player)
end, end,
allow_put = function(inv, listname, index, put_stack, player) allow_put = function(inv, listname, index, put_stack, player)
if player:get_player_name() ~= name then
return 0
end
local element = armor:get_element(put_stack:get_name()) local element = armor:get_element(put_stack:get_name())
if not element then if not element then
return 0 return 0
@ -208,9 +211,15 @@ local function init_player_armor(initplayer)
return 1 return 1
end, end,
allow_take = function(inv, listname, index, stack, player) allow_take = function(inv, listname, index, stack, player)
if player:get_player_name() ~= name then
return 0
end
return stack:get_count() return stack:get_count()
end, end,
allow_move = function(inv, from_list, from_index, to_list, to_index, count, player) allow_move = function(inv, from_list, from_index, to_list, to_index, count, player)
if player:get_player_name() ~= name then
return 0
end
return count return count
end, end,
}, name) }, name)
@ -292,7 +301,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
if not name then if not name then
return return
end end
local player_name = player:get_player_name() local player_name = player:get_player_name()
for field, _ in pairs(fields) do for field, _ in pairs(fields) do
if string.find(field, "skins_set") then if string.find(field, "skins_set") then
armor:update_skin(player_name) armor:update_skin(player_name)
@ -302,10 +311,10 @@ end)
minetest.register_on_joinplayer(function(player) minetest.register_on_joinplayer(function(player)
default.player_set_model(player, "3d_armor_character.b3d") default.player_set_model(player, "3d_armor_character.b3d")
local player_name = player:get_player_name() local player_name = player:get_player_name()
minetest.after(0, function() minetest.after(0, function()
local pplayer = minetest.get_player_by_name(player_name) local pplayer = minetest.get_player_by_name(player_name)
if pplayer and init_player_armor(pplayer) == false then if pplayer and init_player_armor(pplayer) == false then
pending_players[pplayer] = 0 pending_players[pplayer] = 0
end end