Bug 112453

Summary: player input is accepted from invalid sources
Product: [Applications] boson
Reporter: Andreas Beckermann <b_mann>
Component: general
Assignee: The Boson Team <boson-bugs>
Status: RESOLVED FIXED    
Severity: normal    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Debian testing   
OS: Linux   
Latest Commit:
Version Fixed In:

Description Andreas Beckermann 2005-09-12 07:37:17 UTC
Version:            (using KDE KDE 3.4.2)
Installed from:    Debian testing/unstable Packages

Currently, player input is not checked to see whether it comes from a trustworthy source.
So for example in bug #112452 the scripts of an AI player can send input for the human local player.
This situation is somewhat hard to fix, as the local installation can always be modified to send faked player input. But at least the C++ source should make sure that the Python scripts cannot send faked inputs.

However the situation gets even worse with network: currently a player from client A can send input for a player from client B. This should _NEVER_ be allowed.

Fixing this doesn't seem to be straightforward either: the most obvious fix would be to disallow messages to a player from a client the player doesn't come from. But a "message to a player" can also be a chat message, not just player input.
So maybe the fix should go to KPlayer::networkTransmission() - here we should check whether the sender of a message matches the source client of the player. I think that should be possible, as the "source client" is encoded in the playerID. Player input that comes from a different client would be simply ignored then.

CU
Andi
Comment 1 Andreas Beckermann 2005-09-20 09:08:12 UTC
Partially fixed - Player::networkTransmission() now checks for sender being the client where the player originates from, so faked messages from network should not be possible.

However scripts are still able to send faked player inputs for players on the same client.

CU
Andi
Comment 2 Andreas Beckermann 2005-09-20 09:33:05 UTC
Completely fixed now - scripts can send player input for the player the script is for only.

CU
Andi
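
The two checks discussed in this report, as an added example that is not Boson's or KGame's own code: network player input is ignored unless the sending client matches the client encoded in the target player ID (chat messages still pass), and a script may send input only for the player it belongs to. The bit layout of the player ID and all names below are assumptions made for this sketch.

```cpp
#include <cstdint>
#include <iostream>

// Assumed layout (hypothetical): low 10 bits = per-client player number,
// remaining upper bits = id of the client that created the player.
constexpr std::uint32_t kRawIdBits = 10;
constexpr std::uint32_t kRawIdMask = (1u << kRawIdBits) - 1;

constexpr std::uint32_t makePlayerId(std::uint32_t clientId, std::uint32_t rawId) {
    return (clientId << kRawIdBits) | (rawId & kRawIdMask);
}
constexpr std::uint32_t sourceClient(std::uint32_t playerId) {
    return playerId >> kRawIdBits;
}

enum class MsgType { Chat, PlayerInput };
enum class Verdict { Deliver, Drop };

struct Message {
    MsgType type;
    std::uint32_t senderClient;  // set by the transport layer, never read from the payload
    std::uint32_t targetPlayer;
};

// Network path: only player input is bound to the originating client,
// so a chat message addressed to a foreign player is still delivered.
Verdict checkNetworkMessage(const Message& m) {
    if (m.type != MsgType::PlayerInput) return Verdict::Deliver;
    return m.senderClient == sourceClient(m.targetPlayer) ? Verdict::Deliver
                                                          : Verdict::Drop;
}

// Script path: players on the same client share a client id, so the
// comparison must be on the full player ID the script was created for.
Verdict checkScriptInput(std::uint32_t scriptOwner, std::uint32_t targetPlayer) {
    return scriptOwner == targetPlayer ? Verdict::Deliver : Verdict::Drop;
}

int main() {
    const std::uint32_t human = makePlayerId(2, 1);  // constructed sample ids
    const std::uint32_t ai = makePlayerId(2, 2);
    const Message forged{MsgType::PlayerInput, 1, human};  // client 1 -> player of client 2
    std::cout << "forged network input dropped: "
              << (checkNetworkMessage(forged) == Verdict::Drop) << "\n"
              << "AI script input for human dropped: "
              << (checkScriptInput(ai, human) == Verdict::Drop) << "\n";
    return 0;
}
```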