Yesterday, when playing around with my network code, I realized there is
a security issue in decode_variant, at least when decoding PoolArrays.
Basically, the size of the PoolArray is encoded in a uint32_t, when
decoding it, that value is cast to int when comparing if the packet is
actually that size causing numbers with MSB=1 to be interpreted as
negative thus always passing the check. That same value though, is used
as uint32_t again to resize the output vector. For this reason, sending
a malformed packet with declared type PoolByteArray and size of 2^31(+x)
causes the engine to try to allocate 2+GB of pool memory, causing the
engine to crash.
(cherry picked from commit 5262d1bbcc)
This commit makes operator[] on Vector const and adds a write proxy to it. From
now on writes to Vectors need to happen through the .write proxy. So for
instance:
Vector<int> vec;
vec.push_back(10);
std::cout << vec[0] << std::endl;
vec.write[0] = 20;
Failing to use the .write proxy will cause a compilation error.
In addition COWable datatypes can now embed a CowData pointer to their data.
This means that String, CharString, and VMap no longer use or derive from
Vector.
_ALWAYS_INLINE_ and _FORCE_INLINE_ are now equivalent for debug and non-debug
builds. This is a lot faster for Vector in the editor and while running tests.
The reason why this difference used to exist is because force-inlined methods
used to give a bad debugging experience. After extensive testing with modern
compilers this is no longer the case.
Before this change, missing User-Agent and Accept headers were automatically
added on all platforms. Setting the User-Agent header forces the browser to
do a CORS preflight (see 1) which fails if the HTTP endpoint is not
configured appropriate. It's not neccesary to set either header as the
browser sets them and so this commit disables that functionality on the JS
target.
1: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Simple_requests
Implements the same heuristic as Curl (and web browsers): if no `Content-Length`, no `Connection: keep-alive` and no chunked transfer encoding, assume th rest of the data until EOF is the body, gracefully setting the HTTP client back to the disconnected state.
Theoretically, this is not compliant with HTTP 1.1, by which `keep-alive` is the default, but in practice, an explicit header is sent by servers.
There was a percent-prefixed version, which was exposed, and a http-prefixed version which was not (only to GDNative).
This commit keeps the percent-prefixed versions, but with the http-prefixed implementations.
This commit fixes issue #17585: renaming/moving resources can corrupt
scene files. The corruption was caused by
'ResourceFormatLoaderBinary::rename_dependencies' updating the file
format version field of the affected scene file to the latest version
without actually updating the content of the file to that version,
resulting in a file whose content does not match its file format version
field. The fix preserves the file format version field and the engine
version fields when renaming dependencies.
When adding a directory path to the inventory of the pack, an empty file name was being added to the file list. That made `Directory.get_ntext()` signal end-of-list too early so that files in a subdirectory were missed.
Fixes#15801.
Helps with #16798.
Found via `codespell -q 3 --skip="./thirdparty,./editor/translations" -I ../godot-word-whitelist.txt`
Whitelist consists of:
```
ang
doubleclick
lod
nd
que
te
unselect
```
