If a formspec is submitted from a form fields handling
callback of another form (or "formspec shown from another
formspec"), the fields submitted for it can get
rejected by the form exploit mitigation subsystem with a
message like "'zorman2000' submitted formspec
('formspec_error:form2') but server hasn't sent formspec to
client, possible exploitation attempt" being sent to logs.
This was already reported as #7374 and a change was made
that fixed the simple testcase included with that bug
report but the bug still kept lurking around and popping
out in more complicated scenarios like the advtrains TSS
route programming UI.
Deep investigation of the problem revealed that this
sequence of events is entirely possible and leads to the
bug:
1. Server: show form1
2. Client *shows form1*
3. Client: submits form1
4. Server: show form2
5. Client: says form1 closed
6. Client *shows form2*
7. Client: submits form2
What happens inside the code is that when the server in
step 4 sends form2, the registry of opened forms is
updated to reflect the fact that form2 is now the valid
form for the client to submit. Then when in step 5 client
says "form1 was closed", the exploit mitigation subsystem
code deletes the registry entry for the client without
bothering to check whether the form client says was
closed just now is indeed the form that is recorded in
that entry as the valid form. Then later, in step 7 the
client tries to submit its valid form fields, these will
be rejected because the entry is missing.
It turns out the procedure where the broken code resides
already gets the form name so a simple "if" around the
offending piece of code fixes the whole thing. And
advtrains TSS agrees with that.
Reserve space for the list of games in findWorldSubgame. The
performance gain is pretty much negligible but this change
also gets rid of a performance warning by CLANG TIDY.
This patch will make distinguishable mods in modpacks possible in the future
`nil` checks are required to provide backwards-compatibility for fresh configured worlds
The craft definition handling code that collects the names of
the craftable nodes suffers from vector reallocation
performance hits, slowing down instances with lots of
crafting recipes (VanessaE's DreamBuilder and most public
server some to my mind when thinking about this). As in each
instance the size of the resulting vector is already known,
add a reserve() call before the offending loops to allocate
the needed chunk of memory within the result vector in one
go, getting rid of the overhead.
The pathfinder needs quite a bunch of items to add to the
resulting list. It turns out the amount of the space needed
for the finalized path is known in advance so preallocate it
to avoid a burst of reallocation calls each time something
needs to look for a path.
* Fix a crash on Android with Align2Npot2
glGetString can be NULL. If stored in a string it triggers a SIGSEGV.
Instead do a basic strstr and verify the pointer
* Better Align2Npot2 check (+ performance)
* Fix various bugs (Anticheat, Lua helpers)
Anticheat: Use camera position instead of player position for shoot line calculations
Lua helpers: Increase 'i' to not overwrite earlier added table values
* Remove lag compensation
* * 1.5 for larger selection boxes
* PostgreSQL & SQLite3 doesn't setModified(false) on RemotePlayer, then player is saved on each server save call. This results in heavy useless writes.
* PostgreSQL & SQLite3 ack engine meta write whereas db commit hasn't been performed. If commit failed write has failed. We mustn't notify engine write is done.
* serializing player meta must not setModified(false) because it didn't ensure write has been done
* add RemotePlayer::on_successfull_save callback to do the flag update on a successful save
The fallback code shouldn't be needed and is a remnant of the GET
method that old media servers use. Clients using it are likely
to just waste bandwidth and having to download the media again
through the normal transfer from server method. The most reliable
method is to get all missing textures therefore from the server
directly and not spam the remote media server with 404s.
Previously, when the CSM restriction 'LOAD_CLIENT_MODS' was used a
client was still able to add CSM code to 'builtin' to bypass that
restriction, because 'builtin' is not yet verified.
Until server-sent CSM and verifying of 'builtin' are complete, make
'LOAD_CLIENT_MODS' disable the loading of builtin.
Clarify code comments and messages to distinguish between client-side
modding and client-side scripting. 'Scripting' includes 'builtin',
'modding' does not.
GCC and CLang compilers fail to support full IEC559 compliance required for the test, when certain compiler flags are active. This patch implements a heuristic that checks for the most common flag in GCC and CLang, plues an extra check which GCC disables when it's not compliant, to hopefully catch most cases where it can't run.
Move star draw to before sun glow texture draw and before sun draw,
not currently essential but the logical order. Will be necessary if
a 'no far ground' option is added, to draw stars behind the sun.
```
[ 10%] Building CXX object src/CMakeFiles/minetest.dir/client/render/interlaced.cpp.o
cc1plus: warning: -Wabi won't warn about anything [-Wabi]
cc1plus: note: -Wabi warns about differences from the most up-to-date ABI, which is also used by default
cc1plus: note: use e.g. -Wabi=11 to warn about changes from GCC 7
```
Reported by GCC
```
minetest/src/server.cpp:996:42: warning: ‘peer_id’ may be used uninitialized in this function [-Wmaybe-uninitialized]
errorstream << "ProcessData: peer=" << peer_id << e.what() << std::endl;
```
At sunset:
Stars first appear slightly later, at the time the sun disappears over the horizon,
this fixes seeing dark stars in front of the sun horizon glow texture.
Stars reach full brightness slightly earlier at time 20000, not so excessively long
after sunset.
The above behaviour is also applied at sunrise, but of course, time-inverted.
In pitch fly mode, you fly to the exact direction you are pointing at, using the forward key. Other move directions are also pitched accordingly.
It allows smoother and more complex movements.
Can be enabled/disabled by L key by default (set keymap_pitchfly in minetest.conf)
script_get_backtrace() was leaving its return value on the stack, corrupting
subsequent lua operations for functions that did not immediately return.
This problem can specifically be observed in the case of multiple "groupcaps"
entries, each of which provides the legacy "maxwear" property. These cause a
backtrace and thus pollute the stack for the following lua_next() call.
* Adds Lua methods 'set_rotation()' and 'get_rotation'. Also changed some method names to be more clear. Instead of an f32 being sent over network for yaw, now a v3f is sent for rotation on xyz axes. Perserved Lua method set_yaw/setyaw so that old mods still work, other wise to set yaw they would need to switch to set_rotation(0, yaw, 0).
Use the CSM death formspec when CSM is enabled and use the engine death formspec when CSM is disabled.
Move the CSM death formspec code to a dedicated file.
Works by detecting a collision while moving forward and then
simulating a jump. If the simulated jump is more successful,
an artificial jump key press is injected in the client.
Includes setting and key change GUI element for enabling and
disabling this feature.
Use font size 14 for phones.
Use x_inches < 3.7 instead of < 3.5 for small phones.
Add a new category x_inches < 6 for larger phones.
Use HUD scaling 0.85 for larger phones.
Use desktop defaults for tablets.
Previously, each glass face used drawAutoLightedCuboid() to draw a
flat cuboid. This also disallowed backface culling, making the
backface culling inconsistent with 'glasslike'.
Use code from 'glasslike' to draw glass faces using drawQuad().
Remove long-unknown top/bottom textures feature:
Makes the code simpler and cleaner.
Never documented, long-unknown and not of much use.
Previously, 'time_brightness' never fell below the threshold so
night sky colours were not applied.
Increase the threshold value. But now also set it to a value less
sensitive to possible future small changes in 'time_brightness',
by setting it halfway between the 'time_brightness' values for
darkest night and first stage of dawn.
Create CPack WIX msi Installer for RUN_IN_PLACE=0 builds
Correct paths on Windows for RUN_IN_PLACE=0
Install only required font files
Games have their own components, and "minimal" is optional
Mods will now have to initialize the list/slot in order to define the default player hand.
They may use the inventory callbacks to prevent abuse of this list.
Improve codestyle.
Add clarifying comments.
Use 'movement_gravity' setting and physics override instead of hardcoded value.
Halve number of particles in final 'node dug' burst.
Avoid extremely small, near-invisible particles.
Increase velocity to increase number emerging from within a cubic node.
Previously, night clouds were almost indistinguishable from night sky,
especially since a recent commit that made night sky brighter.
They were lacking the beautiful luminosity caused by being lit by the
permanently-full moon.
When 'directional_colored_fog = false' allow the dawn/dusk cloud
brightness boost to apply through the night too.
Set an identical minimum cloud brightness for when
'directional_colored_fog = true'.
Damage flash is shortened from 0.98-1.27s to 0.25s-0.33s to reduce
player in-game blindness, especially useful for combat situations.
It is also visually more comfortable.
Camera hurt tilt is made slightly shorter to match in duration.
Both flash and camera tilt are now of similar length to a typical
damage sound, such as the one used by Minetest Game which is 0.27s.
The 3 effects become more synchronised and unified.
Previously dungeons > decorations > ores.
Decorations depend on the node they are placed on, and ore types are
increasingly able to place large continuous volumes of nodes, such as
strata. Decorations are increasingly being used underground.
The new order avoids a node being changed by ore generation after a
decoration has been placed on it.
The new order also avoids ores appearing in the walls of a dungeon if
the wall nodes match the local stone node.
Make tunnels wider and use the noise parameters of most other mapgens.
All other underground features are already identical to all other
non-mgv6 mapgens, this final change modernises and improves the tunnels.
Also, use a better distance calculation for 'collide with objects'.
Fixes the issue of a vehicle occasionally colliding with its own driver,
causing one of the velocity components to be set to zero.
Add 2 new mapgen flags to make river depth variation and humidity drop
with altitude independently optional, instead of both being enabled by
the 'humid rivers' flag.
Simplify and clarify related code by removing a low priority
optimisation regarding 't_heat'.
Remove unnecessary optimisation bools and use spflags directly instead.
Improve and fix documentation in settingtypes.txt.
A few minor code cleanups.