Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Console command "exec" can stack overflow and crash (bypassing crash handler) #8851

Closed
James103 opened this issue Mar 12, 2021 · 1 comment
Closed

Console command "exec" can stack overflow and crash (bypassing crash handler) #8851

James103 opened this issue Mar 12, 2021 · 1 comment
Labels
bug Something isn't working

Comments

@James103
Copy link
Contributor

Version of OpenTTD

openttd-20210226-master-gaf326753a9-windows-win64

Expected result

Console command exec should have a recursion limit when it recursively calls itself, similar to in #7969.

Actual result

In openttd-20210226-master-gaf326753a9-windows-win64:
The game crashes, presumably due to a stack overflow and/or too many file handles open. crash.dmp is generated with a file size of 0 bytes. crash.log and crash.png are not generated.

In openttd-jgrpp-0.40.3-windows-win64:
The console command aborts with ERROR: script file not found even though the file exists and was able to be accessed recursively using exec. This may be because there were too many files open by the same process at once.

Steps to reproduce

  1. Create a file with the path C:\Users\user\Documents\OpenTTD\recursion.txt and the contents as follows:
exec C:\Users\user\Documents\OpenTTD\recursion.txt

(replace user with your Windows user name)

  1. Launch OpenTTD.
  2. Run the console command: exec C:\Users\user\Documents\OpenTTD\recursion.txt
  3. Either crash or abort with ERROR: script file not found.
@TrueBrain
Copy link
Member

Besides no protection for recursion, there is another issue when you run exec from a script: when ever the inner script stops, so does the outer script. Example:

test.script

echo begin
exec test2.script
echo end

test2.script

echo test2

Run a dedicated server and execute: exec test.script. Output:

begin
test2

This is because there is only a single global to indicate a script is still being parsed. So one can only use exec to hand off from one script to the other.

I am surprised nobody ever reported that issue, as it is a pretty big limitation. But maybe that says a lot about how many people use exec and scripts in general.

TrueBrain added a commit to TrueBrain/OpenTTD that referenced this issue Mar 12, 2021
@TrueBrain
Fix OpenTTD#8851: don't allow infinite "exec" depth in script, but li…
a4ea64c 
…mit to 10 deep

This means if you execute a script from a script from a script, ..
for more than 10 times, it bails out now. This should be sufficient
for even the most complex scripts.
@TrueBrain TrueBrain mentioned this issue Mar 12, 2021
Merged
@TrueBrain TrueBrain added the bug Something isn't working label Mar 12, 2021
TrueBrain added a commit to TrueBrain/OpenTTD that referenced this issue Mar 13, 2021
@TrueBrain
Fix OpenTTD#8851: don't allow infinite "exec" depth in script, but li…
a12ad17 
…mit to 10 deep

This means if you execute a script from a script from a script, ..
for more than 10 times, it bails out now. This should be sufficient
for even the most complex scripts.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TrueBrain @James103