| Anonymous | Login | Signup for a new account | 26-12-24 18:54 CET |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |
| 0001900 | SphereServer | executable - generic | public | 28-01-11 17:54 | 24-07-14 18:08 | |
| Reporter | Terrikate | |||||
| Assigned To | XuN | |||||
| Priority | normal | Severity | tweak | Reproducibility | always | |
| Status | resolved | Resolution | fixed | |||
| Platform | OS | OS Version | ||||
| Product Version | ||||||
| Target Version | Fixed in Version | 0.56c Nightly | ||||
| Summary | 0001900: Skipping any control speech (including default spk_player) | |||||
| Description | You can skip any sections speech check if the sentence begins with ()= | |||||
| Tags | No tags attached. | |||||
| Nightly Version | Automated (specify build number) | |||||
| Experimental Flags | None | |||||
| Option Flags | None | |||||
| Internal Build Number | 1402 | |||||
| Attached Files | ||||||
 Relationships |
 Notes |
|
|
(0000880) MrSugarCube (administrator) 29-01-11 14:04 |
Do you have an example? Each of the following worked fine for me (in spk_player): ON=*boo* // accepts "boo", "()=boo", "(boo)", "boo()=" SYSMESSAGE You said *boo*! RETURN 2 ON=*boo // accepts "boo", "()=boo" SYSMESSAGE You said *boo! RETURN 2 ON=boo* // accepts "boo", "boo()=" SYSMESSAGE You said boo*! RETURN 2 |
|
(0000883) Terrikate (developer) 29-01-11 16:26 |
Sorry!. It is a failure of long ago and spoke from memory without remembering the exact failure ... The problem is the comparison with STRCMPI, STRCMP and STRMATCH. If you use the characters () = you skip the checks and fails on the console. EXAMPLE ON=* SERV.LOG <ARGS> IF (<SRC.FLAGS>&STATF_DEAD) IF !STRCMPI(<ARGS>,all come) ELSEIF !STRCMPI(<ARGS>,all stop) ELSEIF !STRCMPI(<ARGS>,navegacion) ELSE RETURN 1 ENDIF ENDIF 16:11:ERROR:(sphere_speech.scp,54)Undefined symbol 'SDGG' 16:11:(sphere_speech.scp,61)()=SDGG |
|
(0000884) Terrikate (developer) 29-01-11 16:27 |
Affect any system that uses comparisons. Another flaw is that the comparators allow the use of asterisks and question marks as wildcards, so if you put an * when you are asking for a 3 digit code will pass the test. Also if you put three characters of interrogations. |
|
(0000974) babidi (reporter) 23-03-11 09:01 |
can be a way to inject code this way? |
|
(0002365) XuN (developer) 23-07-14 19:47 |
Not happening me, can you still reproduce it? |
|
(0002367) XuN (developer) 24-07-14 18:08 |
Closed since there's no problem anymore. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 28-01-11 17:54 | Terrikate | New Issue | |
| 29-01-11 14:04 | MrSugarCube | Note Added: 0000880 | |
| 29-01-11 16:26 | Terrikate | Note Added: 0000883 | |
| 29-01-11 16:27 | Terrikate | Note Added: 0000884 | |
| 29-01-11 17:13 | MrSugarCube | Relationship added | parent of 0001739 |
| 29-01-11 17:14 | MrSugarCube | Relationship replaced | related to 0001739 |
| 23-03-11 09:01 | babidi | Note Added: 0000974 | |
| 23-07-14 19:47 | XuN | Note Added: 0002365 | |
| 24-07-14 18:08 | XuN | Note Added: 0002367 | |
| 24-07-14 18:08 | XuN | Status | new => resolved |
| 24-07-14 18:08 | XuN | Fixed in Version | => 0.56c Nightly |
| 24-07-14 18:08 | XuN | Resolution | open => fixed |
| 24-07-14 18:08 | XuN | Assigned To | => XuN |
|
Issue History |
| Copyright © 2000 - 2010 MantisBT Group |
 |