Merge pull request #9065 from huffman/fix/script-engine-abuse

Fix deleteLater() vulnerability in scripts
Ryan Huffman 2017-01-09 11:02:28 -08:00 committed by GitHub
commit 39070fe0d1
2 changed files with 10 additions and 6 deletions


@ -66,6 +66,8 @@
#include "MIDIEvent.h"
static const QString SCRIPT_EXCEPTION_FORMAT = "[UncaughtException] %1 in %2:%3";
static const QScriptEngine::QObjectWrapOptions DEFAULT_QOBJECT_WRAP_OPTIONS =
QScriptEngine::ExcludeDeleteLater | QScriptEngine::ExcludeChildObjects;
Q_DECLARE_METATYPE(QScriptEngine::FunctionSignature)
int functionSignatureMetaID = qRegisterMetaType<QScriptEngine::FunctionSignature>();
@ -94,7 +96,7 @@ static QScriptValue debugPrint(QScriptContext* context, QScriptEngine* engine){
}
QScriptValue avatarDataToScriptValue(QScriptEngine* engine, AvatarData* const &in) {
return engine->newQObject(in);
return engine->newQObject(in, QScriptEngine::QtOwnership, DEFAULT_QOBJECT_WRAP_OPTIONS);
}
void avatarDataFromScriptValue(const QScriptValue &object, AvatarData* &out) {
@ -105,7 +107,7 @@ Q_DECLARE_METATYPE(controller::InputController*)
//static int inputControllerPointerId = qRegisterMetaType<controller::InputController*>();
QScriptValue inputControllerToScriptValue(QScriptEngine *engine, controller::InputController* const &in) {
return engine->newQObject(in);
return engine->newQObject(in, QScriptEngine::QtOwnership, DEFAULT_QOBJECT_WRAP_OPTIONS);
}
void inputControllerFromScriptValue(const QScriptValue &object, controller::InputController* &out) {
@ -459,7 +461,8 @@ static QScriptValue scriptableResourceToScriptValue(QScriptEngine* engine, const
auto object = engine->newQObject(
const_cast<ScriptableResourceRawPtr>(resource),
QScriptEngine::ScriptOwnership);
QScriptEngine::ScriptOwnership,
DEFAULT_QOBJECT_WRAP_OPTIONS);
return object;
}
@ -478,7 +481,8 @@ static QScriptValue createScriptableResourcePrototype(QScriptEngine* engine) {
state->setProperty(metaEnum.key(i), metaEnum.value(i));
}
auto prototypeState = engine->newQObject(state, QScriptEngine::QtOwnership, QScriptEngine::ExcludeSlots | QScriptEngine::ExcludeSuperClassMethods);
auto prototypeState = engine->newQObject(state, QScriptEngine::QtOwnership,
QScriptEngine::ExcludeDeleteLater | QScriptEngine::ExcludeSlots | QScriptEngine::ExcludeSuperClassMethods);
prototype.setProperty("State", prototypeState);
return prototype;
@ -611,7 +615,7 @@ void ScriptEngine::registerGlobalObject(const QString& name, QObject* object) {
if (!globalObject().property(name).isValid()) {
if (object) {
QScriptValue value = newQObject(object);
QScriptValue value = newQObject(object, QScriptEngine::QtOwnership, DEFAULT_QOBJECT_WRAP_OPTIONS);
globalObject().setProperty(name, value);
} else {
globalObject().setProperty(name, QScriptValue());
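Review bot: The wrap options at the `prototypeState` call in createScriptableResourcePrototype are spelled out by hand and add only `ExcludeDeleteLater`, so that site does not pick up `ExcludeChildObjects` or any flag later added to `DEFAULT_QOBJECT_WRAP_OPTIONS`; if the omission is not deliberate, write `DEFAULT_QOBJECT_WRAP_OPTIONS | QScriptEngine::ExcludeSlots | QScriptEngine::ExcludeSuperClassMethods`. The protection is also opt-in per call: any `newQObject` call outside these hunks that keeps the default options would still leave `deleteLater()` reachable from script code, so the remaining call sites should be audited or routed through one helper that always applies the default. The constant itself deserves a comment, for example `// Scripts must never be able to delete or enumerate children of engine-owned QObjects; pass this to every newQObject() call.` The bodies of createScriptableResourcePrototype and registerGlobalObject start or continue outside the hunks shown.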


@ -489,7 +489,7 @@ glm::vec3 SpatiallyNestable::getVelocity() const {
bool success;
glm::vec3 result = getVelocity(success);
if (!success) {
qCDebug(shared) << "Warning -- setVelocity failed" << getID();
qCDebug(shared) << "Warning -- getVelocity failed" << getID();
}
return result;
}