Merge pull request #6707 from Citadel-Station-13/upstream-merge-37782
[MIRROR] [s] Fixes an admin unprotected var read/write exploit
This commit is contained in:
@@ -81,12 +81,14 @@
|
||||
|
||||
/obj/item/clothing/equipped(mob/user, slot)
|
||||
..()
|
||||
|
||||
if (!istype(user))
|
||||
return
|
||||
if(slot_flags & slotdefine2slotbit(slot)) //Was equipped to a valid slot for this item?
|
||||
for(var/variable in user_vars_to_edit)
|
||||
if(variable in user.vars)
|
||||
user_vars_remembered[variable] = user.vars[variable]
|
||||
user.vars[variable] = user_vars_to_edit[variable]
|
||||
if (LAZYLEN(user_vars_to_edit))
|
||||
for(var/variable in user_vars_to_edit)
|
||||
if(variable in user.vars)
|
||||
LAZYSET(user_vars_remembered, variable, user.vars[variable])
|
||||
user.vv_edit_var(variable, user_vars_to_edit[variable])
|
||||
|
||||
/obj/item/clothing/examine(mob/user)
|
||||
..()
|
||||
@@ -285,4 +287,4 @@ BLIND // can't see anything
|
||||
Shreds.desc = "The sad remains of what used to be [name]."
|
||||
deconstruct(FALSE)
|
||||
else
|
||||
..()
|
||||
..()
|
||||
|
||||
Reference in New Issue
Block a user