WARNING! BY APPLYING THIS PATCH YOU MAY
NOT BE ABLE TO PLAY SOME MAPS, I REPEAT
YOU MAY NOT BE ABLE TO PLAY SOME MAPS.
hiveworkshop wrote:
In the old JASS compiler, a function with multiple returns was only type-safe on the last return. That is to say
Code:
function A takes handle h returns integer
return h
endfunction
Would break, as h is not an integer. However,
Code:
function B takes handle h returns integer
return h
return 0
endfunction
Would compile fine, as 0 is an integer and only the last return is type-safe. As functions exit after they hit a return, this allowed JASSers to "convert" types, such as getting an integer index of a handle via the above function B (called H2I).
However, this could also be exploited with functions to convert code to and from integers, allowing people to write and execute arbitrary bytecode. As a side effect, you could do a buffer overflow attack on the VM, allowing arbitrary machine code to be executed, obviously posing a significant security threat.
Rather than fixing the buffer overflow problem, Blizzard decided to instead fix the return bug. This may seem minor, but the return bug was key to attaching information to objects; you could get an object's ID via H2I and then use a gamecache to store things to it. Additionally, you could also pass around objects as integers and convert them back via a reverse I2H function.
As a solution for the demand for this kind of function but still feeling the need to close the return bug, Blizzard introduced the hashtables and StringHash/GetHandleId functions above. While for most things they will suffice or even be better, this means that all maps using the old system need to be recoded to support them or they will not work.
--------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------
WARCRAFT III: THE FROZEN THRONE VERSION HISTORY
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Patch 1.24
--------------------------------------------------------------------------
PC WORLD EDITOR CHANGES
- Added new JASS hash table functions to replace the lost functionality from
fixing unsafe type casting.
- Hash Table - Save Item Handle
- Hash Table - Save Unit Handle
- ...
- Hash Table - Load Item Handle
- Hash Table - Load Unit Handle
- ...
- Hash Table - Get Handle ID
FIXES
- Fixed an exploit related to unsafe type casting that allowed users to
execute arbitrary code in maps.
- Fixed the JASS unsafe type casting exploit ("return bug").
- Fixed several World Editor crashes.
--------------------------------------------------------------------------------------------------------------------------------------
Just a heads up to the developers and players
I think its on the Westfall server already.
Sauce:
http://www.hiveworkshop.com/forums/late ... ls-134193/http://www.hiveworkshop.com/forums/late ... ng-131095/http://forums.battle.net/thread.html?to ... 1&sid=3000there is a developers: "help" list that can be found at the blizzard forums here:
http://forums.battle.net/thread.html?to ... 8&sid=3000
Login
Register
FAQ
Search
Chat
Fileserver
