cyberpresidentvanellope/Bubberstation
1
0
Fork 0
mirror of https://github.com/Bubberstation/Bubberstation.git synced 2025-12-11 18:22:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

[MIRROR] [s] Security vulnerability patch [MDB IGNORE] (#9256)

Browse Source 
* [s] Security vulnerability patch (#62568)

About The Pull Request

In my personal, subjective opinion; trialmins should not, in fact, be able to read and delete server/box configuration files on a whim.

cl
server: Patches multiple(?) arbitrary file related vulnerabilities
/cl

* [s] Security vulnerability patch

Co-authored-by: TheFakeElon <59686430+TheFakeElon@users.noreply.github.com>
This commit is contained in:
SkyratBot
2021-11-06 06:47:20 +00:00
committed by GitHub
parent a3d86ae914
commit d45e3ce55f
11 changed files with 38 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
code/controllers/configuration/configuration.dm
View File

@@ -32,7 +32,7 @@
/// A regex that matches words blocked IC, but not in PDAs
var/static/regex/ic_outside_pda_filter_regex
/// A regex that matches words soft blocked IC
var/static/regex/soft_ic_filter_regex
@@ -347,7 +347,7 @@ Example config:
switch (command)
if ("map")
currentmap = load_map_config("_maps/[data].json")
currentmap = load_map_config(data)
if(currentmap.defaulted)
log_config("Failed to load map config for [data]!")
currentmap = null

8
code/controllers/subsystem/mapping.dm
View File

@@ -454,9 +454,9 @@ GLOBAL_LIST_EMPTY(the_station_areas)
/datum/controller/subsystem/mapping/proc/preloadRuinTemplates()
// Still supporting bans by filename
var/list/banned = generateMapList("[global.config.directory]/lavaruinblacklist.txt")
banned += generateMapList("[global.config.directory]/spaceruinblacklist.txt")
banned += generateMapList("[global.config.directory]/iceruinblacklist.txt")
var/list/banned = generateMapList("lavaruinblacklist.txt")
banned += generateMapList("spaceruinblacklist.txt")
banned += generateMapList("iceruinblacklist.txt")
for(var/item in sort_list(subtypesof(/datum/map_template/ruin), /proc/cmp_ruincost_priority))
var/datum/map_template/ruin/ruin_type = item
@@ -491,7 +491,7 @@ GLOBAL_LIST_EMPTY(the_station_areas)
//SKYRAT EDIT END//
/datum/controller/subsystem/mapping/proc/preloadShuttleTemplates()
var/list/unbuyable = generateMapList("[global.config.directory]/unbuyableshuttles.txt")
var/list/unbuyable = generateMapList("unbuyableshuttles.txt")
for(var/item in subtypesof(/datum/map_template/shuttle))
var/datum/map_template/shuttle/shuttle_type = item