[crossfire] Hardening plugin system

Nicolas Weeger nicolas.weeger at laposte.net
Mon Jan 16 15:53:30 CST 2006


>  If its a choice of:
> 
> a) when callback to set value is used, we set the value and then mark a
> flag that the object has been modified, and when function is finished,
> we check sanity of object,
> 
> or
> 
> b) when callback to set value is made, we check the validity
> 
>  I'd personally choose b - detecting the error right when it happens is
> always better - it makes it easier to fix the problem.

Actually, i'd chose b too - i think i meant that, when plugin finished,
server can send fix_player or fix_object to the client, meaning the
plugin can just not care.

>  but at some level, it can never be 100% foolproof.  The fact the server
> crashes occasionally is proof that even the C code isn't foolproof.  You
> get the complications of some value being valid for one object type, but
> not another, and I don't think there is any real way that can ever be
> checked (but that same problem occurs in maps also - mapmaker could set
> some value to something invalid)

True. Guess there should be checks at many levels in the plugin code :)
(server <-> common plugin lib <-> Pyhton plugin for instance)

Nicolas



More information about the crossfire mailing list