h1or4dme8/osu-lazer
1
0
Fork 0
mirror of https://github.com/ppy/osu.git synced 2024-12-14 13:22:55 +08:00
Code Issues Releases Wiki Activity

Increase validation performed on .osu files to avoid hard crashes

Browse Source
This commit is contained in:
Dean Herbert 2019-03-12 20:31:15 +09:00
parent 13f84e8d50
commit cc09ecbfcf
3 changed files with 66 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
osu.Game/Beatmaps/Formats/LegacyBeatmapDecoder.cs
View File

@ -280,8 +280,8 @@ namespace osu.Game.Beatmaps.Formats
{ {
string[] split = line.Split(','); string[] split = line.Split(',');
double time = getOffsetTime(double.Parse(split[0].Trim(), NumberFormatInfo.InvariantInfo)); double time = getOffsetTime(Parsing.ParseDouble(split[0].Trim()));
double beatLength = double.Parse(split[1].Trim(), NumberFormatInfo.InvariantInfo); double beatLength = Parsing.ParseDouble(split[1].Trim());
double speedMultiplier = beatLength < 0 ? 100.0 / -beatLength : 1; double speedMultiplier = beatLength < 0 ? 100.0 / -beatLength : 1;
TimeSignatures timeSignature = TimeSignatures.SimpleQuadruple; TimeSignatures timeSignature = TimeSignatures.SimpleQuadruple;

45
osu.Game/Beatmaps/Formats/LegacyParser.cs Normal file
View File

@ -0,0 +1,45 @@
// Copyright (c) ppy Pty Ltd <contact@ppy.sh>. Licensed under the MIT Licence.
// See the LICENCE file in the repository root for full licence text.
using System;
using System.Globalization;
namespace osu.Game.Beatmaps.Formats
{
/// <summary>
/// Helper methods to parse from string to number and perform very basic validation.
/// </summary>
public static class Parsing
{
public const int MAX_COORDINATE_VALUE = 65536;
public const double MAX_PARSE_VALUE = int.MaxValue;
public static double ParseFloat(string input, float parseLimit = (float)MAX_PARSE_VALUE)
{
var output = float.Parse(input, CultureInfo.InvariantCulture);
if (output < -parseLimit) throw new FormatException("Value is too low");
if (output > parseLimit) throw new FormatException("Value is too high");
return output;
}
public static double ParseDouble(string input, double parseLimit = MAX_PARSE_VALUE)
{
var output = double.Parse(input, CultureInfo.InvariantCulture);
if (output < -parseLimit) throw new FormatException("Value is too low");
if (output > parseLimit) throw new FormatException("Value is too high");
return output;
}
public static int ParseInt(string input, int parseLimit = (int)MAX_PARSE_VALUE)
{
var output = int.Parse(input, CultureInfo.InvariantCulture);
if (output < -parseLimit) throw new FormatException("Value is too low");
if (output > parseLimit) throw new FormatException("Value is too high");
return output;
}
}
}

35
osu.Game/Rulesets/Objects/Legacy/ConvertHitObjectParser.cs
View File

@ -5,7 +5,6 @@ using osuTK;
using osu.Game.Rulesets.Objects.Types; using osu.Game.Rulesets.Objects.Types;
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Globalization;
using System.IO; using System.IO;
using osu.Game.Beatmaps.Formats; using osu.Game.Beatmaps.Formats;
using osu.Game.Audio; using osu.Game.Audio;
@ -46,9 +45,11 @@ namespace osu.Game.Rulesets.Objects.Legacy
{ {
string[] split = text.Split(','); string[] split = text.Split(',');
Vector2 pos = new Vector2((int)Convert.ToSingle(split[0], CultureInfo.InvariantCulture), (int)Convert.ToSingle(split[1], CultureInfo.InvariantCulture)); Vector2 pos = new Vector2((int)Parsing.ParseFloat(split[0], Parsing.MAX_COORDINATE_VALUE), (int)Parsing.ParseFloat(split[1], Parsing.MAX_COORDINATE_VALUE));
ConvertHitObjectType type = (ConvertHitObjectType)int.Parse(split[3]); double startTime = Parsing.ParseDouble(split[2]) + Offset;
ConvertHitObjectType type = (ConvertHitObjectType)Parsing.ParseInt(split[3]);
int comboOffset = (int)(type & ConvertHitObjectType.ComboOffset) >> 4; int comboOffset = (int)(type & ConvertHitObjectType.ComboOffset) >> 4;
type &= ~ConvertHitObjectType.ComboOffset; type &= ~ConvertHitObjectType.ComboOffset;
@ -56,7 +57,7 @@ namespace osu.Game.Rulesets.Objects.Legacy
bool combo = type.HasFlag(ConvertHitObjectType.NewCombo); bool combo = type.HasFlag(ConvertHitObjectType.NewCombo);
type &= ~ConvertHitObjectType.NewCombo; type &= ~ConvertHitObjectType.NewCombo;
var soundType = (LegacySoundType)int.Parse(split[4]); var soundType = (LegacySoundType)Parsing.ParseInt(split[4]);
var bankInfo = new SampleBankInfo(); var bankInfo = new SampleBankInfo();
HitObject result = null; HitObject result = null;
@ -107,7 +108,7 @@ namespace osu.Game.Rulesets.Objects.Legacy
} }
string[] temp = t.Split(':'); string[] temp = t.Split(':');
points[pointIndex++] = new Vector2((int)Convert.ToDouble(temp[0], CultureInfo.InvariantCulture), (int)Convert.ToDouble(temp[1], CultureInfo.InvariantCulture)) - pos; points[pointIndex++] = new Vector2((int)Parsing.ParseDouble(temp[0], Parsing.MAX_COORDINATE_VALUE), (int)Parsing.ParseDouble(temp[1], Parsing.MAX_COORDINATE_VALUE)) - pos;
} }
// osu-stable special-cased colinear perfect curves to a CurveType.Linear // osu-stable special-cased colinear perfect curves to a CurveType.Linear
@ -116,7 +117,7 @@ namespace osu.Game.Rulesets.Objects.Legacy
if (points.Length == 3 && pathType == PathType.PerfectCurve && isLinear(points)) if (points.Length == 3 && pathType == PathType.PerfectCurve && isLinear(points))
pathType = PathType.Linear; pathType = PathType.Linear;
int repeatCount = Convert.ToInt32(split[6], CultureInfo.InvariantCulture); int repeatCount = Parsing.ParseInt(split[6]);
if (repeatCount > 9000) if (repeatCount > 9000)
throw new ArgumentOutOfRangeException(nameof(repeatCount), @"Repeat count is way too high"); throw new ArgumentOutOfRangeException(nameof(repeatCount), @"Repeat count is way too high");
@ -125,7 +126,7 @@ namespace osu.Game.Rulesets.Objects.Legacy
repeatCount = Math.Max(0, repeatCount - 1); repeatCount = Math.Max(0, repeatCount - 1);
if (split.Length > 7) if (split.Length > 7)
length = Convert.ToDouble(split[7], CultureInfo.InvariantCulture); length = Math.Max(0, Parsing.ParseDouble(split[7]));
if (split.Length > 10) if (split.Length > 10)
readCustomSampleBanks(split[10], bankInfo); readCustomSampleBanks(split[10], bankInfo);
@ -184,7 +185,9 @@ namespace osu.Game.Rulesets.Objects.Legacy
} }
else if (type.HasFlag(ConvertHitObjectType.Spinner)) else if (type.HasFlag(ConvertHitObjectType.Spinner))
{ {
result = CreateSpinner(new Vector2(512, 384) / 2, combo, comboOffset, Convert.ToDouble(split[5], CultureInfo.InvariantCulture) + Offset); double endTime = Math.Max(startTime, Parsing.ParseDouble(split[5]) + Offset);
result = CreateSpinner(new Vector2(512, 384) / 2, combo, comboOffset, endTime);
if (split.Length > 6) if (split.Length > 6)
readCustomSampleBanks(split[6], bankInfo); readCustomSampleBanks(split[6], bankInfo);
@ -193,12 +196,12 @@ namespace osu.Game.Rulesets.Objects.Legacy
{ {
// Note: Hold is generated by BMS converts // Note: Hold is generated by BMS converts
double endTime = Convert.ToDouble(split[2], CultureInfo.InvariantCulture); double endTime = Math.Max(0, Parsing.ParseDouble(split[2]));
if (split.Length > 5 && !string.IsNullOrEmpty(split[5])) if (split.Length > 5 && !string.IsNullOrEmpty(split[5]))
{ {
string[] ss = split[5].Split(':'); string[] ss = split[5].Split(':');
endTime = Convert.ToDouble(ss[0], CultureInfo.InvariantCulture); endTime = Parsing.ParseDouble(ss[0]);
readCustomSampleBanks(string.Join(":", ss.Skip(1)), bankInfo); readCustomSampleBanks(string.Join(":", ss.Skip(1)), bankInfo);
} }
@ -211,7 +214,7 @@ namespace osu.Game.Rulesets.Objects.Legacy
return null; return null;
} }
result.StartTime = Convert.ToDouble(split[2], CultureInfo.InvariantCulture) + Offset; result.StartTime = startTime;
if (result.Samples.Count == 0) if (result.Samples.Count == 0)
result.Samples = convertSoundType(soundType, bankInfo); result.Samples = convertSoundType(soundType, bankInfo);
@ -222,7 +225,7 @@ namespace osu.Game.Rulesets.Objects.Legacy
} }
catch (FormatException) catch (FormatException)
{ {
throw new FormatException("One or more hit objects were malformed."); return null;
} }
} }
@ -233,8 +236,8 @@ namespace osu.Game.Rulesets.Objects.Legacy
string[] split = str.Split(':'); string[] split = str.Split(':');
var bank = (LegacyBeatmapDecoder.LegacySampleBank)int.Parse(split[0]); var bank = (LegacyBeatmapDecoder.LegacySampleBank)Parsing.ParseInt(split[0]);
var addbank = (LegacyBeatmapDecoder.LegacySampleBank)int.Parse(split[1]); var addbank = (LegacyBeatmapDecoder.LegacySampleBank)Parsing.ParseInt(split[1]);
string stringBank = bank.ToString().ToLowerInvariant(); string stringBank = bank.ToString().ToLowerInvariant();
if (stringBank == @"none") if (stringBank == @"none")
@ -247,10 +250,10 @@ namespace osu.Game.Rulesets.Objects.Legacy
bankInfo.Add = string.IsNullOrEmpty(stringAddBank) ? stringBank : stringAddBank; bankInfo.Add = string.IsNullOrEmpty(stringAddBank) ? stringBank : stringAddBank;
if (split.Length > 2) if (split.Length > 2)
bankInfo.CustomSampleBank = int.Parse(split[2]); bankInfo.CustomSampleBank = Parsing.ParseInt(split[2]);
if (split.Length > 3) if (split.Length > 3)
bankInfo.Volume = int.Parse(split[3]); bankInfo.Volume = Parsing.ParseInt(split[3]);
bankInfo.Filename = split.Length > 4 ? split[4] : null; bankInfo.Filename = split.Length > 4 ? split[4] : null;
} }