OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

* [SECURITY] Implements additional packet security checks for Object related packets. 

* Note: as with the last commit, this requires additional testing.
* This represents 2/8ths of packets now being checked appropriately.
0.6.5-rc1
Adam Frisby 2009-04-08 06:41:52 +00:00
parent 2bd6a915a0
commit 5118f88bc4
1 changed files with 250 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

250
OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
View File

@ -5269,6 +5269,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectLink: case PacketType.ObjectLink:
ObjectLinkPacket link = (ObjectLinkPacket)Pack; ObjectLinkPacket link = (ObjectLinkPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (link.AgentData.SessionID != SessionId ||
link.AgentData.AgentID != AgentId)
break;
}
#endregion
uint parentprimid = 0; uint parentprimid = 0;
List<uint> childrenprims = new List<uint>(); List<uint> childrenprims = new List<uint>();
if (link.ObjectData.Length > 1) if (link.ObjectData.Length > 1)
@ -5290,6 +5300,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectDelink: case PacketType.ObjectDelink:
ObjectDelinkPacket delink = (ObjectDelinkPacket)Pack; ObjectDelinkPacket delink = (ObjectDelinkPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (delink.AgentData.SessionID != SessionId ||
delink.AgentData.AgentID != AgentId)
break;
}
#endregion
// It appears the prim at index 0 is not always the root prim (for // It appears the prim at index 0 is not always the root prim (for
// instance, when one prim of a link set has been edited independently // instance, when one prim of a link set has been edited independently
// of the others). Therefore, we'll pass all the ids onto the delink // of the others). Therefore, we'll pass all the ids onto the delink
@ -5311,6 +5330,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
if (OnAddPrim != null) if (OnAddPrim != null)
{ {
ObjectAddPacket addPacket = (ObjectAddPacket)Pack; ObjectAddPacket addPacket = (ObjectAddPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (addPacket.AgentData.SessionID != SessionId ||
addPacket.AgentData.AgentID != AgentId)
break;
}
#endregion
PrimitiveBaseShape shape = GetShapeFromAddPacket(addPacket); PrimitiveBaseShape shape = GetShapeFromAddPacket(addPacket);
// m_log.Info("[REZData]: " + addPacket.ToString()); // m_log.Info("[REZData]: " + addPacket.ToString());
//BypassRaycast: 1 //BypassRaycast: 1
@ -5329,6 +5358,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectShape: case PacketType.ObjectShape:
ObjectShapePacket shapePacket = (ObjectShapePacket)Pack; ObjectShapePacket shapePacket = (ObjectShapePacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (shapePacket.AgentData.SessionID != SessionId ||
shapePacket.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerUpdatePrimShape = null; handlerUpdatePrimShape = null;
for (int i = 0; i < shapePacket.ObjectData.Length; i++) for (int i = 0; i < shapePacket.ObjectData.Length; i++)
{ {
@ -5365,6 +5404,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectExtraParams: case PacketType.ObjectExtraParams:
ObjectExtraParamsPacket extraPar = (ObjectExtraParamsPacket)Pack; ObjectExtraParamsPacket extraPar = (ObjectExtraParamsPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (extraPar.AgentData.SessionID != SessionId ||
extraPar.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerUpdateExtraParams = OnUpdateExtraParams; handlerUpdateExtraParams = OnUpdateExtraParams;
if (handlerUpdateExtraParams != null) if (handlerUpdateExtraParams != null)
{ {
@ -5375,6 +5423,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
break; break;
case PacketType.ObjectDuplicate: case PacketType.ObjectDuplicate:
ObjectDuplicatePacket dupe = (ObjectDuplicatePacket)Pack; ObjectDuplicatePacket dupe = (ObjectDuplicatePacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (dupe.AgentData.SessionID != SessionId ||
dupe.AgentData.AgentID != AgentId)
break;
}
#endregion
ObjectDuplicatePacket.AgentDataBlock AgentandGroupData = dupe.AgentData; ObjectDuplicatePacket.AgentDataBlock AgentandGroupData = dupe.AgentData;
handlerObjectDuplicate = null; handlerObjectDuplicate = null;
@ -5395,6 +5453,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectSelect: case PacketType.ObjectSelect:
ObjectSelectPacket incomingselect = (ObjectSelectPacket)Pack; ObjectSelectPacket incomingselect = (ObjectSelectPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (incomingselect.AgentData.SessionID != SessionId ||
incomingselect.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerObjectSelect = null; handlerObjectSelect = null;
for (int i = 0; i < incomingselect.ObjectData.Length; i++) for (int i = 0; i < incomingselect.ObjectData.Length; i++)
@ -5409,6 +5476,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectDeselect: case PacketType.ObjectDeselect:
ObjectDeselectPacket incomingdeselect = (ObjectDeselectPacket)Pack; ObjectDeselectPacket incomingdeselect = (ObjectDeselectPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (incomingdeselect.AgentData.SessionID != SessionId ||
incomingdeselect.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerObjectDeselect = null; handlerObjectDeselect = null;
for (int i = 0; i < incomingdeselect.ObjectData.Length; i++) for (int i = 0; i < incomingdeselect.ObjectData.Length; i++)
@ -5424,6 +5500,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
// DEPRECATED: but till libsecondlife removes it, people will use it // DEPRECATED: but till libsecondlife removes it, people will use it
ObjectPositionPacket position = (ObjectPositionPacket)Pack; ObjectPositionPacket position = (ObjectPositionPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (position.AgentData.SessionID != SessionId ||
position.AgentData.AgentID != AgentId)
break;
}
#endregion
for (int i = 0; i < position.ObjectData.Length; i++) for (int i = 0; i < position.ObjectData.Length; i++)
{ {
handlerUpdateVector = OnUpdatePrimGroupPosition; handlerUpdateVector = OnUpdatePrimGroupPosition;
@ -5436,6 +5522,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
// DEPRECATED: but till libsecondlife removes it, people will use it // DEPRECATED: but till libsecondlife removes it, people will use it
ObjectScalePacket scale = (ObjectScalePacket)Pack; ObjectScalePacket scale = (ObjectScalePacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (scale.AgentData.SessionID != SessionId ||
scale.AgentData.AgentID != AgentId)
break;
}
#endregion
for (int i = 0; i < scale.ObjectData.Length; i++) for (int i = 0; i < scale.ObjectData.Length; i++)
{ {
handlerUpdatePrimGroupScale = OnUpdatePrimGroupScale; handlerUpdatePrimGroupScale = OnUpdatePrimGroupScale;
@ -5448,6 +5543,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
// DEPRECATED: but till libsecondlife removes it, people will use it // DEPRECATED: but till libsecondlife removes it, people will use it
ObjectRotationPacket rotation = (ObjectRotationPacket)Pack; ObjectRotationPacket rotation = (ObjectRotationPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (rotation.AgentData.SessionID != SessionId ||
rotation.AgentData.AgentID != AgentId)
break;
}
#endregion
for (int i = 0; i < rotation.ObjectData.Length; i++) for (int i = 0; i < rotation.ObjectData.Length; i++)
{ {
handlerUpdatePrimRotation = OnUpdatePrimGroupRotation; handlerUpdatePrimRotation = OnUpdatePrimGroupRotation;
@ -5459,6 +5563,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectFlagUpdate: case PacketType.ObjectFlagUpdate:
ObjectFlagUpdatePacket flags = (ObjectFlagUpdatePacket)Pack; ObjectFlagUpdatePacket flags = (ObjectFlagUpdatePacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (flags.AgentData.SessionID != SessionId ||
flags.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerUpdatePrimFlags = OnUpdatePrimFlags; handlerUpdatePrimFlags = OnUpdatePrimFlags;
if (handlerUpdatePrimFlags != null) if (handlerUpdatePrimFlags != null)
@ -5490,6 +5603,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectGrab: case PacketType.ObjectGrab:
ObjectGrabPacket grab = (ObjectGrabPacket)Pack; ObjectGrabPacket grab = (ObjectGrabPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (grab.AgentData.SessionID != SessionId ||
grab.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerGrabObject = OnGrabObject; handlerGrabObject = OnGrabObject;
if (handlerGrabObject != null) if (handlerGrabObject != null)
@ -5515,6 +5637,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectGrabUpdate: case PacketType.ObjectGrabUpdate:
ObjectGrabUpdatePacket grabUpdate = (ObjectGrabUpdatePacket)Pack; ObjectGrabUpdatePacket grabUpdate = (ObjectGrabUpdatePacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (grabUpdate.AgentData.SessionID != SessionId ||
grabUpdate.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerGrabUpdate = OnGrabUpdate; handlerGrabUpdate = OnGrabUpdate;
if (handlerGrabUpdate != null) if (handlerGrabUpdate != null)
@ -5541,6 +5672,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectDeGrab: case PacketType.ObjectDeGrab:
ObjectDeGrabPacket deGrab = (ObjectDeGrabPacket)Pack; ObjectDeGrabPacket deGrab = (ObjectDeGrabPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (deGrab.AgentData.SessionID != SessionId ||
deGrab.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerDeGrabObject = OnDeGrabObject; handlerDeGrabObject = OnDeGrabObject;
if (handlerDeGrabObject != null) if (handlerDeGrabObject != null)
{ {
@ -5551,6 +5691,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
//m_log.Warn("[CLIENT]: unhandled ObjectSpinStart packet"); //m_log.Warn("[CLIENT]: unhandled ObjectSpinStart packet");
ObjectSpinStartPacket spinStart = (ObjectSpinStartPacket)Pack; ObjectSpinStartPacket spinStart = (ObjectSpinStartPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (spinStart.AgentData.SessionID != SessionId ||
spinStart.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerSpinStart = OnSpinStart; handlerSpinStart = OnSpinStart;
if (handlerSpinStart != null) if (handlerSpinStart != null)
{ {
@ -5560,6 +5709,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectSpinUpdate: case PacketType.ObjectSpinUpdate:
//m_log.Warn("[CLIENT]: unhandled ObjectSpinUpdate packet"); //m_log.Warn("[CLIENT]: unhandled ObjectSpinUpdate packet");
ObjectSpinUpdatePacket spinUpdate = (ObjectSpinUpdatePacket)Pack; ObjectSpinUpdatePacket spinUpdate = (ObjectSpinUpdatePacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (spinUpdate.AgentData.SessionID != SessionId ||
spinUpdate.AgentData.AgentID != AgentId)
break;
}
#endregion
Vector3 axis; Vector3 axis;
float angle; float angle;
spinUpdate.ObjectData.Rotation.GetAxisAngle(out axis, out angle); spinUpdate.ObjectData.Rotation.GetAxisAngle(out axis, out angle);
@ -5575,6 +5734,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
//m_log.Warn("[CLIENT]: unhandled ObjectSpinStop packet"); //m_log.Warn("[CLIENT]: unhandled ObjectSpinStop packet");
ObjectSpinStopPacket spinStop = (ObjectSpinStopPacket)Pack; ObjectSpinStopPacket spinStop = (ObjectSpinStopPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (spinStop.AgentData.SessionID != SessionId ||
spinStop.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerSpinStop = OnSpinStop; handlerSpinStop = OnSpinStop;
if (handlerSpinStop != null) if (handlerSpinStop != null)
{ {
@ -5585,6 +5753,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectDescription: case PacketType.ObjectDescription:
ObjectDescriptionPacket objDes = (ObjectDescriptionPacket)Pack; ObjectDescriptionPacket objDes = (ObjectDescriptionPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (objDes.AgentData.SessionID != SessionId ||
objDes.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerObjectDescription = null; handlerObjectDescription = null;
for (int i = 0; i < objDes.ObjectData.Length; i++) for (int i = 0; i < objDes.ObjectData.Length; i++)
@ -5616,6 +5793,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
{ {
ObjectPermissionsPacket newobjPerms = (ObjectPermissionsPacket)Pack; ObjectPermissionsPacket newobjPerms = (ObjectPermissionsPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (newobjPerms.AgentData.SessionID != SessionId ||
newobjPerms.AgentData.AgentID != AgentId)
break;
}
#endregion
UUID AgentID = newobjPerms.AgentData.AgentID; UUID AgentID = newobjPerms.AgentData.AgentID;
UUID SessionID = newobjPerms.AgentData.SessionID; UUID SessionID = newobjPerms.AgentData.SessionID;
@ -5653,6 +5839,16 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.Undo: case PacketType.Undo:
UndoPacket undoitem = (UndoPacket)Pack; UndoPacket undoitem = (UndoPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (undoitem.AgentData.SessionID != SessionId ||
undoitem.AgentData.AgentID != AgentId)
break;
}
#endregion
if (undoitem.ObjectData.Length > 0) if (undoitem.ObjectData.Length > 0)
{ {
for (int i = 0; i < undoitem.ObjectData.Length; i++) for (int i = 0; i < undoitem.ObjectData.Length; i++)
@ -5670,6 +5866,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectDuplicateOnRay: case PacketType.ObjectDuplicateOnRay:
ObjectDuplicateOnRayPacket dupeOnRay = (ObjectDuplicateOnRayPacket)Pack; ObjectDuplicateOnRayPacket dupeOnRay = (ObjectDuplicateOnRayPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (dupeOnRay.AgentData.SessionID != SessionId ||
dupeOnRay.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerObjectDuplicateOnRay = null; handlerObjectDuplicateOnRay = null;
@ -5690,6 +5895,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
//This powers the little tooltip that appears when you move your mouse over an object //This powers the little tooltip that appears when you move your mouse over an object
RequestObjectPropertiesFamilyPacket packToolTip = (RequestObjectPropertiesFamilyPacket)Pack; RequestObjectPropertiesFamilyPacket packToolTip = (RequestObjectPropertiesFamilyPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (packToolTip.AgentData.SessionID != SessionId ||
packToolTip.AgentData.AgentID != AgentId)
break;
}
#endregion
RequestObjectPropertiesFamilyPacket.ObjectDataBlock packObjBlock = packToolTip.ObjectData; RequestObjectPropertiesFamilyPacket.ObjectDataBlock packObjBlock = packToolTip.ObjectData;
handlerRequestObjectPropertiesFamily = OnRequestObjectPropertiesFamily; handlerRequestObjectPropertiesFamily = OnRequestObjectPropertiesFamily;
@ -5706,6 +5920,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
ObjectIncludeInSearchPacket packInSearch = (ObjectIncludeInSearchPacket)Pack; ObjectIncludeInSearchPacket packInSearch = (ObjectIncludeInSearchPacket)Pack;
handlerObjectIncludeInSearch = null; handlerObjectIncludeInSearch = null;
#region Packet Session and User Check
if (m_checkPackets)
{
if (packInSearch.AgentData.SessionID != SessionId ||
packInSearch.AgentData.AgentID != AgentId)
break;
}
#endregion
foreach (ObjectIncludeInSearchPacket.ObjectDataBlock objData in packInSearch.ObjectData) foreach (ObjectIncludeInSearchPacket.ObjectDataBlock objData in packInSearch.ObjectData)
{ {
bool inSearch = objData.IncludeInSearch; bool inSearch = objData.IncludeInSearch;
@ -5723,6 +5946,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ScriptAnswerYes: case PacketType.ScriptAnswerYes:
ScriptAnswerYesPacket scriptAnswer = (ScriptAnswerYesPacket)Pack; ScriptAnswerYesPacket scriptAnswer = (ScriptAnswerYesPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (scriptAnswer.AgentData.SessionID != SessionId ||
scriptAnswer.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerScriptAnswer = OnScriptAnswer; handlerScriptAnswer = OnScriptAnswer;
if (handlerScriptAnswer != null) if (handlerScriptAnswer != null)
{ {
@ -5733,6 +5965,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectClickAction: case PacketType.ObjectClickAction:
ObjectClickActionPacket ocpacket = (ObjectClickActionPacket)Pack; ObjectClickActionPacket ocpacket = (ObjectClickActionPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (ocpacket.AgentData.SessionID != SessionId ||
ocpacket.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerObjectClickAction = OnObjectClickAction; handlerObjectClickAction = OnObjectClickAction;
if (handlerObjectClickAction != null) if (handlerObjectClickAction != null)
{ {
@ -5748,6 +5989,15 @@ namespace OpenSim.Region.ClientStack.LindenUDP
case PacketType.ObjectMaterial: case PacketType.ObjectMaterial:
ObjectMaterialPacket ompacket = (ObjectMaterialPacket)Pack; ObjectMaterialPacket ompacket = (ObjectMaterialPacket)Pack;
#region Packet Session and User Check
if (m_checkPackets)
{
if (ompacket.AgentData.SessionID != SessionId ||
ompacket.AgentData.AgentID != AgentId)
break;
}
#endregion
handlerObjectMaterial = OnObjectMaterial; handlerObjectMaterial = OnObjectMaterial;
if (handlerObjectMaterial != null) if (handlerObjectMaterial != null)
{ {