Merge Fix dos attack (mr-634)

e8188ba - fix(citizen-resources-core): latent event locking 01f9081 - fix(citizen-scripting-lua): empty resource name result 47986cf - tweak(citizen-resources-core): latent event adjustments 7c5e81a - tweak(client): adjust to new net form data f2fef8d - feat(tests): add form data decode tests 1e75a12 - tweak(citizen-server-impl): use new net form data decode 3d215ca - feat(net): add DecodeFormData, UrlDecode
citizenfx · Dec 23, 2024 · 05bfe6e · 05bfe6e
2 parents c970038 + e8188ba
commit 05bfe6e
Show file tree

Hide file tree

Showing 16 changed files with 380 additions and 231 deletions.
diff --git a/code/client/citicore/ComponentLoader.cpp b/code/client/citicore/ComponentLoader.cpp
@@ -101,7 +101,7 @@ void ComponentLoader::InitializeWithString(std::string_view cacheBuf)
 		// don't load some useless stuff for ChromeBrowser
 		if (wcsstr(moduleName, L"ChromeBrowser"))
 		{
-			if (nameWide != L"nui-core" && nameWide != L"vfs-core")
+			if (nameWide != L"nui-core" && nameWide != L"vfs-core" && nameWide != L"net-base")
 			{
 				continue;
 			}

diff --git a/code/client/shared/Utils.cpp b/code/client/shared/Utils.cpp
@@ -231,45 +231,6 @@ fwString url_encode(const fwString &value)
 	return fwString(escaped.str().c_str());
 }
 
-bool UrlDecode(const std::string& in, std::string& out, bool replacePlus)
-{
-	out.clear();
-	out.reserve(in.size());
-	for (std::size_t i = 0; i < in.size(); ++i)
-	{
-		if (in[i] == '%')
-		{
-			if (i + 3 <= in.size())
-			{
-				int value = 0;
-				std::istringstream is(in.substr(i + 1, 2));
-				if (is >> std::hex >> value)
-				{
-					out += static_cast<char>(value);
-					i += 2;
-				}
-				else
-				{
-					return false;
-				}
-			}
-			else
-			{
-				return false;
-			}
-		}
-		else if (in[i] == '+' && replacePlus)
-		{
-			out += ' ';
-		}
-		else
-		{
-			out += in[i];
-		}
-	}
-	return true;
-}
-
 std::string ToNarrow(std::wstring_view wide)
 {
 	std::string outVec;
@@ -310,52 +271,3 @@ std::wstring ToWide(std::string_view narrow)
 	return std::move(outVec);
 }
 
-std::map<std::string, std::string> ParsePOSTString(const std::string_view& postDataString)
-{
-	std::map<std::string, std::string> postMap;
-
-	for (int i = 0; i < postDataString.size(); i++)
-	{
-		int keyIndex = 0;
-		int keyLen = 0;
-		for (int keyItr = i; keyItr < postDataString.size(); keyItr++)
-		{
-			if (postDataString[keyItr] == '=')
-			{
-				break;
-			}
-			keyLen++;
-		}
-
-		keyIndex = i;
-		i = (i + keyLen + 1);
-
-		int valueLen = 0;
-		for (int valueItr = i; valueItr < postDataString.size(); valueItr++)
-		{
-			if (postDataString[valueItr] == '&')
-			{
-				break;
-			}
-			valueLen++;
-		}
-
-		if (valueLen)
-		{
-			std::string key(&postDataString[keyIndex], keyLen);
-			std::string value(&postDataString[i], valueLen);
-
-			std::string keyDecoded;
-			std::string valueDecoded;
-
-			UrlDecode(key, keyDecoded);
-			UrlDecode(value, valueDecoded);
-
-			postMap[keyDecoded] = valueDecoded;
-		}
-
-		i += valueLen;
-	}
-
-	return postMap;
-}
diff --git a/code/client/shared/Utils.h b/code/client/shared/Utils.h
@@ -286,16 +286,13 @@ inline void LowerString(fwString& string)
 }
 
 fwString url_encode(const fwString &value);
-bool UrlDecode(const std::string& in, std::string& out, bool replacePlus = true);
 void CreateDirectoryAnyDepth(const char *path);
 
 void SetThreadName(int threadId, const char* threadName);
 
 std::wstring ToWide(std::string_view narrow);
 std::string ToNarrow(std::wstring_view wide);
 
-std::map<std::string, std::string> ParsePOSTString(const std::string_view& postDataString);
-
 #ifdef COMPILING_CORE
 extern "C" bool DLL_EXPORT CoreIsDebuggerPresent();
 extern "C" void DLL_EXPORT CoreSetDebuggerPresent();