From 2622d2dbfca0e754c8f6b323ff2aa34f8ef8e821 Mon Sep 17 00:00:00 2001 From: volas Date: Sun, 29 Mar 2015 13:47:57 +0300 Subject: [PATCH] sanitize() refactor: fourth pass --- code/__HELPERS/text.dm | 2 +- code/defines/procs/announce.dm | 5 +++-- code/game/machinery/camera/camera_assembly.dm | 2 +- code/game/machinery/newscaster.dm | 4 ++-- code/game/machinery/portable_turret.dm | 3 +-- code/game/machinery/requests_console.dm | 2 +- code/game/objects/items/bodybag.dm | 2 +- code/game/objects/items/weapons/cards_ids.dm | 4 ++-- code/game/objects/items/weapons/implants/implantcase.dm | 2 +- code/game/objects/structures/mirror.dm | 3 +-- code/game/objects/structures/morgue.dm | 4 ++-- code/modules/clothing/spacesuits/rig/modules/utility.dm | 2 +- code/modules/economy/EFTPOS.dm | 2 +- code/modules/hydroponics/seed_mobs.dm | 3 +-- code/modules/library/lib_items.dm | 2 +- code/modules/mob/dead/observer/say.dm | 2 +- code/modules/mob/living/carbon/brain/say.dm | 2 ++ code/modules/mob/living/carbon/human/human.dm | 6 +++--- code/modules/mob/living/carbon/metroid/say.dm | 3 +++ code/modules/mob/living/silicon/pai/recruit.dm | 4 ++-- code/modules/mob/living/simple_animal/parrot.dm | 2 +- code/modules/mob/mob.dm | 1 - code/modules/paperwork/handlabeler.dm | 2 +- code/modules/reagents/Chemistry-Machinery.dm | 2 +- code/setup.dm | 3 ++- 25 files changed, 36 insertions(+), 33 deletions(-) diff --git a/code/__HELPERS/text.dm b/code/__HELPERS/text.dm index 54ce601ac7..9ebc3512dd 100644 --- a/code/__HELPERS/text.dm +++ b/code/__HELPERS/text.dm @@ -183,7 +183,7 @@ /proc/replace_characters(var/t,var/list/repl_chars) for(var/char in repl_chars) - replacetext(t, char, repl_chars[char]) + t = replacetext(t, char, repl_chars[char]) return t //Adds 'u' number of zeros ahead of the text 't' diff --git a/code/defines/procs/announce.dm b/code/defines/procs/announce.dm index 9db7092928..0a64e89592 100644 --- a/code/defines/procs/announce.dm +++ b/code/defines/procs/announce.dm @@ -30,13 +30,14 @@ title = "Security Announcement" announcement_type = "Security Announcement" -/datum/announcement/proc/Announce(var/message as text, var/new_title = "", var/new_sound = null, var/do_newscast = newscast) +/datum/announcement/proc/Announce(var/message as text, var/new_title = "", var/new_sound = null, var/do_newscast = newscast, var/msg_sanitized = 0) if(!message) return var/message_title = new_title ? new_title : title var/message_sound = new_sound ? new_sound : sound - message = sanitize(message, extra = 0) + if(!msg_sanitized) + message = sanitize(message, extra = 0) message_title = sanitizeSafe(message_title) Message(message, message_title) diff --git a/code/game/machinery/camera/camera_assembly.dm b/code/game/machinery/camera/camera_assembly.dm index e56e544649..2d355e7572 100644 --- a/code/game/machinery/camera/camera_assembly.dm +++ b/code/game/machinery/camera/camera_assembly.dm @@ -90,7 +90,7 @@ var/area/camera_area = get_area(src) var/temptag = "[sanitize(camera_area.name)] ([rand(1, 999)])" - input = sanitizeSafe(input(usr, "How would you like to name the camera?", "Set Camera Name", temptag)) + input = sanitizeSafe(input(usr, "How would you like to name the camera?", "Set Camera Name", temptag), MAX_NAME_LEN) state = 4 var/obj/machinery/camera/C = new(src.loc) diff --git a/code/game/machinery/newscaster.dm b/code/game/machinery/newscaster.dm index 3a238e24b0..c902bdcd66 100644 --- a/code/game/machinery/newscaster.dm +++ b/code/game/machinery/newscaster.dm @@ -496,7 +496,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co if ((usr.contents.Find(src) || ((get_dist(src, usr) <= 1) && istype(src.loc, /turf))) || (istype(usr, /mob/living/silicon))) usr.set_machine(src) if(href_list["set_channel_name"]) - src.channel_name = sanitizeSafe(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", "")) + src.channel_name = sanitizeSafe(input(usr, "Provide a Feed Channel Name", "Network Channel Handler", ""), MAX_LNAME_LEN) src.updateUsrDialog() //src.update_icon() @@ -596,7 +596,7 @@ var/list/obj/machinery/newscaster/allCasters = list() //Global list that will co src.updateUsrDialog() else if(href_list["set_wanted_name"]) - src.channel_name = sanitizeSafe(input(usr, "Provide the name of the Wanted person", "Network Security Handler", "")) + src.channel_name = sanitizeSafe(input(usr, "Provide the name of the Wanted person", "Network Security Handler", ""), MAX_LNAME_LEN) src.updateUsrDialog() else if(href_list["set_wanted_desc"]) diff --git a/code/game/machinery/portable_turret.dm b/code/game/machinery/portable_turret.dm index 5e2c4b69cb..2346a10447 100644 --- a/code/game/machinery/portable_turret.dm +++ b/code/game/machinery/portable_turret.dm @@ -817,8 +817,7 @@ return if(istype(I, /obj/item/weapon/pen)) //you can rename turrets like bots! - var/t = input(user, "Enter new turret name", name, finish_name) as text - t = sanitize(t) + var/t = sanitizeSafe(input(user, "Enter new turret name", name, finish_name) as text, MAX_NAME_LEN) if(!t) return if(!in_range(src, usr) && loc != usr) diff --git a/code/game/machinery/requests_console.dm b/code/game/machinery/requests_console.dm index 3c7e1613b9..e624e61d58 100644 --- a/code/game/machinery/requests_console.dm +++ b/code/game/machinery/requests_console.dm @@ -250,7 +250,7 @@ var/list/obj/machinery/requests_console/allConsoles = list() if(href_list["sendAnnouncement"]) if(!announcementConsole) return - announcement.Announce(message) + announcement.Announce(message, msg_sanitized = 1) reset_announce() screen = 0 diff --git a/code/game/objects/items/bodybag.dm b/code/game/objects/items/bodybag.dm index fcbebdba20..8548e4783e 100644 --- a/code/game/objects/items/bodybag.dm +++ b/code/game/objects/items/bodybag.dm @@ -49,7 +49,7 @@ return if (!in_range(src, user) && src.loc != user) return - t = sanitize(t) + t = sanitizeSafe(t, MAX_NAME_LEN) if (t) src.name = "body bag - " src.name += t diff --git a/code/game/objects/items/weapons/cards_ids.dm b/code/game/objects/items/weapons/cards_ids.dm index 6a1ee735f4..393f10363a 100644 --- a/code/game/objects/items/weapons/cards_ids.dm +++ b/code/game/objects/items/weapons/cards_ids.dm @@ -224,13 +224,13 @@ /obj/item/weapon/card/id/syndicate/attack_self(mob/user as mob) if(!src.registered_name) //Stop giving the players unsanitized unputs! You are giving ways for players to intentionally crash clients! -Nodrak - var t = sanitizeName(input(user, "What name would you like to put on this card?", "Agent card name", ishuman(user) ? user.real_name : user.name)) + var t = sanitizeName(input(user, "What name would you like to put on this card?", "Agent card name", ishuman(user) ? user.real_name : user.name), MAX_NAME_LEN) if(!t) //Same as mob/new_player/prefrences.dm alert("Invalid name.") return src.registered_name = t - var u = sanitize(input(user, "What occupation would you like to put on this card?\nNote: This will not grant any access levels other than Maintenance.", "Agent card job assignment", "Agent")) + var u = sanitize(input(user, "What occupation would you like to put on this card?\nNote: This will not grant any access levels other than Maintenance.", "Agent card job assignment", "Agent"), MAX_LNAME_LEN) if(!u) alert("Invalid assignment.") src.registered_name = "" diff --git a/code/game/objects/items/weapons/implants/implantcase.dm b/code/game/objects/items/weapons/implants/implantcase.dm index ddb76b3656..48aea7a5e1 100644 --- a/code/game/objects/items/weapons/implants/implantcase.dm +++ b/code/game/objects/items/weapons/implants/implantcase.dm @@ -26,7 +26,7 @@ return if((!in_range(src, usr) && src.loc != user)) return - t = sanitize(t) + t = sanitizeSafe(t, MAX_NAME_LEN) if(t) src.name = text("Glass Case - '[]'", t) else diff --git a/code/game/objects/structures/mirror.dm b/code/game/objects/structures/mirror.dm index 83f295f9ef..dc18b06e6c 100644 --- a/code/game/objects/structures/mirror.dm +++ b/code/game/objects/structures/mirror.dm @@ -83,8 +83,7 @@ if(user.mind) user.mind.transfer_to(vox) spawn(1) - var/newname = input(vox,"Enter a name, or leave blank for the default name.", "Name change","") as text - newname = sanitize(newname) + var/newname = sanitizeSafe(input(vox,"Enter a name, or leave blank for the default name.", "Name change","") as text, MAX_NAME_LEN) if(!newname || newname == "") var/datum/language/L = all_languages[vox.species.default_language] newname = L.get_random_name() diff --git a/code/game/objects/structures/morgue.dm b/code/game/objects/structures/morgue.dm index 1f597b0c96..f30c4d854d 100644 --- a/code/game/objects/structures/morgue.dm +++ b/code/game/objects/structures/morgue.dm @@ -92,7 +92,7 @@ return if ((!in_range(src, usr) && src.loc != user)) return - t = sanitize(t) + t = sanitizeSafe(t, MAX_NAME_LEN) if (t) src.name = text("Morgue- '[]'", t) else @@ -258,7 +258,7 @@ return if ((!in_range(src, usr) > 1 && src.loc != user)) return - t = sanitize(t) + t = sanitizeSafe(t, MAX_NAME_LEN) if (t) src.name = text("Crematorium- '[]'", t) else diff --git a/code/modules/clothing/spacesuits/rig/modules/utility.dm b/code/modules/clothing/spacesuits/rig/modules/utility.dm index b4a622075e..99214a4dc1 100644 --- a/code/modules/clothing/spacesuits/rig/modules/utility.dm +++ b/code/modules/clothing/spacesuits/rig/modules/utility.dm @@ -280,7 +280,7 @@ voice_holder.active = 0 usr << "You disable the speech synthesiser." if("Set Name") - var/raw_choice = sanitize(input(usr, "Please enter a new name.") as text|null) + var/raw_choice = sanitize(input(usr, "Please enter a new name.") as text|null, MAX_NAME_LEN) if(!raw_choice) return 0 voice_holder.voice = raw_choice diff --git a/code/modules/economy/EFTPOS.dm b/code/modules/economy/EFTPOS.dm index c2561423f4..844ea3efac 100644 --- a/code/modules/economy/EFTPOS.dm +++ b/code/modules/economy/EFTPOS.dm @@ -167,7 +167,7 @@ if("change_id") var/attempt_code = text2num(input("Re-enter the current EFTPOS access code", "Confirm EFTPOS code")) if(attempt_code == access_code) - eftpos_name = sanitize(input("Enter a new terminal ID for this device", "Enter new EFTPOS ID")) + " EFTPOS scanner" + eftpos_name = sanitize(input("Enter a new terminal ID for this device", "Enter new EFTPOS ID"), MAX_NAME_LEN) + " EFTPOS scanner" print_reference() else usr << "\icon[src]Incorrect code entered." diff --git a/code/modules/hydroponics/seed_mobs.dm b/code/modules/hydroponics/seed_mobs.dm index d31f184380..3e0e8994c2 100644 --- a/code/modules/hydroponics/seed_mobs.dm +++ b/code/modules/hydroponics/seed_mobs.dm @@ -73,8 +73,7 @@ host << "You are [host], one of a race of drifting interstellar plantlike creatures that sometimes share their seeds with human traders." host << "Too much darkness will send you into shock and starve you, but light will help you heal." - var/newname = input(host,"Enter a name, or leave blank for the default name.", "Name change","") as text - newname = sanitize(newname) + var/newname = sanitizeSafe(input(host,"Enter a name, or leave blank for the default name.", "Name change","") as text, MAX_NAME_LEN) if (newname != "") host.real_name = newname host.name = host.real_name \ No newline at end of file diff --git a/code/modules/library/lib_items.dm b/code/modules/library/lib_items.dm index 279be15775..192efd5ecf 100644 --- a/code/modules/library/lib_items.dm +++ b/code/modules/library/lib_items.dm @@ -31,7 +31,7 @@ O.loc = src update_icon() else if(istype(O, /obj/item/weapon/pen)) - var/newname = sanitizeSafe(input("What would you like to title this bookshelf?"), MAX_MESSAGE_LEN) + var/newname = sanitizeSafe(input("What would you like to title this bookshelf?"), MAX_NAME_LEN) if(!newname) return else diff --git a/code/modules/mob/dead/observer/say.dm b/code/modules/mob/dead/observer/say.dm index be9f1615e0..6f7d99c616 100644 --- a/code/modules/mob/dead/observer/say.dm +++ b/code/modules/mob/dead/observer/say.dm @@ -18,7 +18,7 @@ /mob/dead/observer/emote(var/act, var/type, var/message) - message = sanitize(message) + //message = sanitize(message) - already sanitized in verb/me_verb() if(!message) return diff --git a/code/modules/mob/living/carbon/brain/say.dm b/code/modules/mob/living/carbon/brain/say.dm index d5ac4f756d..d933dc5d47 100644 --- a/code/modules/mob/living/carbon/brain/say.dm +++ b/code/modules/mob/living/carbon/brain/say.dm @@ -3,6 +3,8 @@ if (silent) return + message = sanitize(message) + if(!(container && istype(container, /obj/item/device/mmi))) return //No MMI, can't speak, bucko./N else diff --git a/code/modules/mob/living/carbon/human/human.dm b/code/modules/mob/living/carbon/human/human.dm index 1e693fd63f..6acbcb993e 100644 --- a/code/modules/mob/living/carbon/human/human.dm +++ b/code/modules/mob/living/carbon/human/human.dm @@ -863,11 +863,11 @@ var/list/creatures = list() for(var/mob/living/carbon/h in world) creatures += h - var/mob/target = input ("Who do you want to project your mind to ?") as null|anything in creatures + var/mob/target = input("Who do you want to project your mind to ?") as null|anything in creatures if (isnull(target)) return - var/say = input ("What do you wish to say") + var/say = sanitize(input("What do you wish to say")) if(mRemotetalk in target.mutations) target.show_message("\blue You hear [src.real_name]'s voice: [say]") else @@ -1368,4 +1368,4 @@ /mob/living/carbon/human/drop_from_inventory(var/obj/item/W, var/atom/Target = null) if(W in organs) return - ..() \ No newline at end of file + ..() diff --git a/code/modules/mob/living/carbon/metroid/say.dm b/code/modules/mob/living/carbon/metroid/say.dm index f1a1761908..cd07f6bf3b 100644 --- a/code/modules/mob/living/carbon/metroid/say.dm +++ b/code/modules/mob/living/carbon/metroid/say.dm @@ -1,4 +1,7 @@ /mob/living/carbon/slime/say(var/message) + + message = sanitize(message) + var/verb = say_quote(message) if(copytext(message,1,2) == "*") diff --git a/code/modules/mob/living/silicon/pai/recruit.dm b/code/modules/mob/living/silicon/pai/recruit.dm index 195d58fb34..294ee51562 100644 --- a/code/modules/mob/living/silicon/pai/recruit.dm +++ b/code/modules/mob/living/silicon/pai/recruit.dm @@ -55,9 +55,9 @@ var/datum/paiController/paiController // Global handler for pAI candidates switch(option) if("name") - t = input("Enter a name for your pAI", "pAI Name", candidate.name) as text + t = sanitizeSafe(input("Enter a name for your pAI", "pAI Name", candidate.name) as text, MAX_NAME_LEN) if(t) - candidate.name = sanitizeSafe(t, MAX_NAME_LEN) + candidate.name = t if("desc") t = input("Enter a description for your pAI", "pAI Description", candidate.description) as message if(t) diff --git a/code/modules/mob/living/simple_animal/parrot.dm b/code/modules/mob/living/simple_animal/parrot.dm index 729bb3ff05..a05f394177 100644 --- a/code/modules/mob/living/simple_animal/parrot.dm +++ b/code/modules/mob/living/simple_animal/parrot.dm @@ -714,7 +714,7 @@ if(message_mode) if(message_mode in radiochannels) if(ears && istype(ears,/obj/item/device/radio)) - ears.talk_into(src,message, message_mode, verb, null) + ears.talk_into(src,sanitize(message), message_mode, verb, null) ..(message) diff --git a/code/modules/mob/mob.dm b/code/modules/mob/mob.dm index 482ec2e3a1..48cf3b7255 100644 --- a/code/modules/mob/mob.dm +++ b/code/modules/mob/mob.dm @@ -263,7 +263,6 @@ set name = "Add Note" set category = "IC" - msg = copytext(msg, 1, MAX_MESSAGE_LEN) msg = sanitize(msg) if(mind) diff --git a/code/modules/paperwork/handlabeler.dm b/code/modules/paperwork/handlabeler.dm index 5006af6cc3..ea5488152d 100644 --- a/code/modules/paperwork/handlabeler.dm +++ b/code/modules/paperwork/handlabeler.dm @@ -58,7 +58,7 @@ if(mode) user << "You turn on \the [src]." //Now let them chose the text. - var/str = copytext(reject_bad_text(input(user,"Label text?","Set label","")),1,MAX_NAME_LEN) + var/str = sanitizeSafe(input(user,"Label text?","Set label",""), MAX_NAME_LEN) if(!str || !length(str)) user << "Invalid text." return diff --git a/code/modules/reagents/Chemistry-Machinery.dm b/code/modules/reagents/Chemistry-Machinery.dm index 4c857a51c3..366649d695 100644 --- a/code/modules/reagents/Chemistry-Machinery.dm +++ b/code/modules/reagents/Chemistry-Machinery.dm @@ -406,7 +406,7 @@ if(type in diseases) // Make sure this is a disease D = new type(0, null) var/list/data = list("viruses"=list(D)) - var/name = sanitizeSafe(input(usr,"Name:","Name the culture",D.name)) + var/name = sanitizeSafe(input(usr,"Name:","Name the culture",D.name), MAX_NAME_LEN) if(!name || name == " ") name = D.name B.name = "[name] culture bottle" B.desc = "A small bottle. Contains [D.agent] culture in synthblood medium." diff --git a/code/setup.dm b/code/setup.dm index 29ea83aeaf..564b96dc04 100644 --- a/code/setup.dm +++ b/code/setup.dm @@ -255,7 +255,7 @@ #define slot_legs 21 #define slot_tie 22 -// Mob sprite sheets. These need to be strings as numbers +// Mob sprite sheets. These need to be strings as numbers // cannot be used as associative list keys. #define icon_l_hand "slot_l_hand" #define icon_r_hand "slot_r_hand" @@ -756,6 +756,7 @@ var/list/be_special_flags = list( #define MAX_MESSAGE_LEN 1024 #define MAX_PAPER_MESSAGE_LEN 3072 #define MAX_BOOK_MESSAGE_LEN 9216 +#define MAX_LNAME_LEN 64 #define MAX_NAME_LEN 26 // Event defines.