tommy/tbd-station-14
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sanitize the OpenSlotStorageUIMessage handling on the server.

Browse Source
This commit is contained in:
Acruid
2019-09-06 16:28:21 -07:00
parent 6ca9e16670
commit 5c40300474
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Content.Server/GameObjects/Components/GUI/InventoryComponent.cs
View File

@@ -267,6 +267,7 @@ namespace Content.Server.GameObjects
} }
} }
/// <inheritdoc />
public override void HandleMessage(ComponentMessage message, INetChannel netChannel = null, public override void HandleMessage(ComponentMessage message, INetChannel netChannel = null,
IComponent component = null) IComponent component = null)
{ {
@@ -282,10 +283,12 @@ namespace Content.Server.GameObjects
if (playerentity == Owner) if (playerentity == Owner)
HandleInventoryMessage(msg); HandleInventoryMessage(msg);
break; break;
case OpenSlotStorageUIMessage msg: case OpenSlotStorageUIMessage msg:
ItemComponent item = GetSlotItem(msg.Slot); if (!HasSlot(msg.Slot)) // client input sanitization
ServerStorageComponent storage; return;
if (item.Owner.TryGetComponent(out storage)) var item = GetSlotItem(msg.Slot);
if (item != null && item.Owner.TryGetComponent(out ServerStorageComponent storage))
storage.OpenStorageUI(Owner); storage.OpenStorageUI(Owner);
break; break;
} }