diff --git a/source/ps/ConfigDB.cpp b/source/ps/ConfigDB.cpp index b9abfa6f56..b3604a5854 100644 --- a/source/ps/ConfigDB.cpp +++ b/source/ps/ConfigDB.cpp @@ -22,10 +22,14 @@ #include #include "lib/allocators/shared_ptr.h" +#include "lib/file/vfs/vfs_path.h" #include "ps/CLogger.h" +#include "ps/CStr.h" #include "ps/Filesystem.h" #include "ps/ThreadUtil.h" +#include + typedef std::map TConfigMap; TConfigMap CConfigDB::m_Map[CFG_LAST]; VfsPath CConfigDB::m_ConfigFile[CFG_LAST]; @@ -33,10 +37,11 @@ bool CConfigDB::m_HasChanges[CFG_LAST]; static pthread_mutex_t cfgdb_mutex = PTHREAD_MUTEX_INITIALIZER; -// These entries will not be printed to logfiles -static const std::set g_UnloggedEntries = { +// These entries will not be printed to logfiles, so that logfiles can be shared without leaking personal or sensitive data +static const std::unordered_set g_UnloggedEntries = { "lobby.password", - "lobby.buddies" + "lobby.buddies", + "userreport.id" // authentication token for GDPR personal data requests }; CConfigDB::CConfigDB() diff --git a/source/ps/scripting/JSInterface_ConfigDB.cpp b/source/ps/scripting/JSInterface_ConfigDB.cpp index 0904caa1fa..b55203e3c7 100644 --- a/source/ps/scripting/JSInterface_ConfigDB.cpp +++ b/source/ps/scripting/JSInterface_ConfigDB.cpp @@ -1,4 +1,4 @@ -/* Copyright (C) 2017 Wildfire Games. +/* Copyright (C) 2018 Wildfire Games. * This file is part of 0 A.D. * * 0 A.D. is free software: you can redistribute it and/or modify 
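Review bot: The comment on `g_UnloggedEntries` in source/ps/ConfigDB.cpp does not mention that script access is governed by a second, separately maintained list (`g_ProtectedConfigNames` in JSInterface_ConfigDB.cpp, added by this same commit), so a future sensitive key can easily end up in one list and not the other. As the diff stands, `lobby.password` and `lobby.buddies` are kept out of logfiles but are not in the script-protected set; if that is intentional (presumably the lobby GUI has to read them), the comment should say so. Suggested wording: `// Log redaction only; script access is restricted separately by g_ProtectedConfigNames in JSInterface_ConfigDB.cpp.`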
@@ -21,9 +21,26 @@ #include "ps/ConfigDB.h" #include "ps/CLogger.h" -#include "ps/Profile.h" #include "scriptinterface/ScriptInterface.h" +#include +#include + +// These entries will not be readable nor writable for JS, so that malicious mods can't leak personal or sensitive data +static const std::unordered_set g_ProtectedConfigNames = { + "userreport.id" // authentication token for GDPR personal data requests +}; + +bool JSI_ConfigDB::IsProtectedConfigName(const std::string& name) +{ + if (g_ProtectedConfigNames.find(name) != g_ProtectedConfigNames.end()) + { + LOGERROR("Access denied (%s)", name.c_str()); + return true; + } + return false; +} + bool JSI_ConfigDB::GetConfigNamespace(const std::wstring& cfgNsString, EConfigNamespace& cfgNs) { if (cfgNsString == L"default") @@ -64,6 +81,9 @@ bool JSI_ConfigDB::SetChanges(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), co std::string JSI_ConfigDB::GetValue(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const std::wstring& cfgNsString, const std::string& name) { + if (IsProtectedConfigName(name)) + return ""; + EConfigNamespace cfgNs; if (!GetConfigNamespace(cfgNsString, cfgNs)) return std::string(); @@ -75,6 +95,9 @@ std::string JSI_ConfigDB::GetValue(ScriptInterface::CxPrivate* UNUSED(pCxPrivate bool JSI_ConfigDB::CreateValue(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const std::wstring& cfgNsString, const std::string& name, const std::string& value) { + if (IsProtectedConfigName(name)) + return false; + EConfigNamespace cfgNs; if (!GetConfigNamespace(cfgNsString, cfgNs)) return false; @@ -85,6 +108,9 @@ bool JSI_ConfigDB::CreateValue(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), c bool JSI_ConfigDB::RemoveValue(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const std::wstring& cfgNsString, const std::string& name) { + if (IsProtectedConfigName(name)) + return false; + EConfigNamespace cfgNs; if (!GetConfigNamespace(cfgNsString, cfgNs)) return false; 
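Review bot: `IsProtectedConfigName` matches the script-supplied name with an exact `find()` on `g_ProtectedConfigNames`, so the guard only holds if `CConfigDB` resolves keys with the same exact, case-sensitive comparison; that lookup is not visible in this diff and should be confirmed. If the config store normalises names in any way, the same normalisation belongs in this function before the `find()`. The function also logs at error level as a side effect, which a predicate named `Is…` does not suggest; a doc comment such as `// Returns true and logs an error if scripts may not read or write this entry; call first in every script-facing function that takes a config name.` would make the contract explicit. The same guard is repeated in the GetValue, CreateValue and RemoveValue hunks, where `GetValue` returns `""` on denial but `std::string()` on the next failure path; one form should be used for both.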
@@ -99,18 +125,19 @@ bool JSI_ConfigDB::WriteFile(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), con if (!GetConfigNamespace(cfgNsString, cfgNs)) return false; - bool ret = g_ConfigDB.WriteFile(cfgNs, path); - return ret; + return g_ConfigDB.WriteFile(cfgNs, path); } bool JSI_ConfigDB::WriteValueToFile(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const std::wstring& cfgNsString, const std::string& name, const std::string& value, const Path& path) { + if (IsProtectedConfigName(name)) + return false; + EConfigNamespace cfgNs; if (!GetConfigNamespace(cfgNsString, cfgNs)) return false; - bool ret = g_ConfigDB.WriteValueToFile(cfgNs, name, value, path); - return ret; + return g_ConfigDB.WriteValueToFile(cfgNs, name, value, path); } bool JSI_ConfigDB::Reload(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const std::wstring& cfgNsString) @@ -119,8 +146,7 @@ bool JSI_ConfigDB::Reload(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const if (!GetConfigNamespace(cfgNsString, cfgNs)) return false; - bool ret = g_ConfigDB.Reload(cfgNs); - return ret; + return g_ConfigDB.Reload(cfgNs); } bool JSI_ConfigDB::SetFile(ScriptInterface::CxPrivate* UNUSED(pCxPrivate), const std::wstring& cfgNsString, const Path& path) diff --git a/source/ps/scripting/JSInterface_ConfigDB.h b/source/ps/scripting/JSInterface_ConfigDB.h index 9ecb1bbf73..5c704d1163 100644 --- a/source/ps/scripting/JSInterface_ConfigDB.h +++ b/source/ps/scripting/JSInterface_ConfigDB.h @@ -21,8 +21,11 @@ #include "ps/ConfigDB.h" #include "scriptinterface/ScriptInterface.h" +#include + namespace JSI_ConfigDB { + bool IsProtectedConfigName(const std::string& name); bool GetConfigNamespace(const std::wstring& cfgNsString, EConfigNamespace& cfgNs); bool HasChanges(ScriptInterface::CxPrivate* pCxPrivate, const std::wstring& cfgNsString); bool SetChanges(ScriptInterface::CxPrivate* pCxPrivate, const std::wstring& cfgNsString, bool value);
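Review bot: `JSI_ConfigDB::WriteFile` still hands a whole namespace and a script-supplied `path` to `g_ConfigDB.WriteFile(cfgNs, path)` with no filtering, while `WriteValueToFile` just below it gains the `IsProtectedConfigName` check. Unless `CConfigDB::WriteFile` (not shown here) skips protected entries, or the destination cannot be read back from scripts, the bulk write copies `userreport.id` along with everything else and undercuts the per-name guard. Either filter protected names in the writer or restrict the destination, and if it is already safe record why next to the call, e.g. `// Not filtered: <reason scripts cannot read the written file>`. `SetFile` and `Reload` in this file take no entry name either and deserve the same look.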