Different uses for script-bytecode...

14 comments, last by Nirklas 21 years, 2 months ago
quote:Original post by Extrarius


The problem with the scripting language idea is that it is more complex. The more complex something is, the easier it is for bugs to be introduced. The more bugs there are, the easier it is to abuse. If you use a static array somewhere in your VM and you don't do bounds checking every time you access it (among other checks), you could easily end up with a buffer overflow, or some other 'simple exploit'. The problem exists even if you don't use your scripting language for the network protocol, but it's harder to exploit because the hacker will have to make a level with the bad script and get people to run it. If it's run automatically from the network, he/she can just join a game and send the malicious code across the internet, and he now has total control over their PC and can do whatever he wants, including running arbitrary code.

[edited by - Extrarius on February 13, 2003 1:54:54 PM]


I agree with you. But if I may:

A scripting language is actually simpler. Especially one where, when you do RPC, you actually send the line of code that gets re-interpreted by the VM. That makes for a very simple server.

You are missing the point that if the VM you wrote does not give access to OS-level features of the machine, the hacker CANNOT get access to them. That means no script function to open a file, no script function to write to a file, etc. Only game-related stuff. If some script needs to access an OS feature, it should do it in a high-level way, where the details of access are not controlled by the script call, but by the need of the call. E.g. if you want to load a model, you don't open the file, you request to load the model by its name. I will agree that most of the time it is not a trivial task, but for video games, the actions that can be done using a script language can be implemented without giving control of the OS features.

It has been done before, you know. Python has a sandbox, Java has a sandbox, many other technologies I don't know about have a sandbox.

Stop spreading FUD, people. A network command is a network command whatever way you send it. There is nothing different about sending a line of code than sending some chunk of data to a server with a CommandId and command arguments.

[edited by - Gorg on February 13, 2003 2:17:38 PM]
quote:Original post by Gorg
Original post by Extrarius
The problem with the scripting language idea is that it is more complex. The more complex something is, the easier it is for bugs to be introduced. The more bugs there are, the easier it is to abuse. If you use a static array somewhere in your VM and you don't do bounds checking every time you access it (among other checks), you could easily end up with a buffer overflow, or some other 'simple exploit'. The problem exists even if you don't use your scripting language for the network protocol, but it's harder to exploit because the hacker will have to make a level with the bad script and get people to run it. If it's run automatically from the network, he/she can just join a game and send the malicious code across the internet, and he now has total control over their PC and can do whatever he wants, including running arbitrary code.

[edited by - Extrarius on February 13, 2003 1:54:54 PM]


I agree with you. But if I may:

A scripting language is actually simpler. Especially one where, when you do RPC, you actually send the line of code that gets re-interpreted by the VM. That makes for a very simple server.

You are missing the point that if the VM you wrote does not give access to OS-level features of the machine, the hacker CANNOT get access to them. That means no script function to open a file, no script function to write to a file, etc. Only game-related stuff. If some script needs to access an OS feature, it should do it in a high-level way, where the details of access are not controlled by the script call, but by the need of the call. E.g. if you want to load a model, you don't open the file, you request to load the model by its name. I will agree that most of the time it is not a trivial task, but for video games, the actions that can be done using a script language can be implemented without giving control of the OS features.

It has been done before, you know. Python has a sandbox, Java has a sandbox, many other technologies I don't know about have a sandbox.

Stop spreading FUD, people. A network command is a network command whatever way you send it. There is nothing different about sending a line of code than sending some chunk of data to a server with a CommandId and command arguments.

[edited by - Gorg on February 13, 2003 2:17:38 PM]


You are not realizing that it doesn't matter what the scripting language allows. If you have a buffer overflow, the hacker can run ARBITRARY MACHINE CODE on your system. Even if your script just allows simple math expressions like "x = y + 5", it is still possible that there is an exploit that could allow the hacker to take complete control of a system. The scripting language doesn't need features, it just needs a bug or two, and a good hacker can abuse it to no end.
"Walk not the trodden path, for it has borne it's burden." -John, Flying Monk
quote:Original post by Extrarius
You are not realizing that it doesn't matter what the scripting language allows. If you have a buffer overflow, the hacker can run ARBITRARY MACHINE CODE on your system. Even if your script just allows simple math expressions like "x = y + 5", it is still possible that there is an exploit that could allow the hacker to take complete control of a system. The scripting language doesn't need features, it just needs a bug or two, and a good hacker can abuse it to no end.


I understand that, but it is just a bug. Buffer overflows are because you have static buffers and are not checking the bounds. Just fix it or use dynamic buffers.

This is not an argument against using his idea. It is just an argument to write bug-free software.





[edited by - Gorg on February 13, 2003 4:07:56 PM]
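An added example (not code from either poster) that makes both sides of the exchange above concrete: a minimal bytecode VM in C for a script-RPC channel. Every access to its fixed-size stack is bounds-checked, so a hostile script that pushes too many values is rejected rather than writing past the static array Extrarius describes, and its only world-affecting opcode requests a model by id, Gorg's high-level call that exposes no file access. The opcodes, stack size and model-id range are assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
/* Toy bytecode for a game RPC channel (constructed for this example, not Skrit); all sizes are assumptions. */
enum { OP_HALT = 0, OP_PUSH = 1, OP_ADD = 2, OP_LOAD_MODEL = 3, STACK_MAX = 8, MODEL_COUNT = 16 };
enum { VM_OK = 0, VM_ERR_OVERFLOW = -1, VM_ERR_UNDERFLOW = -2, VM_ERR_OPCODE = -3, VM_ERR_TRUNCATED = -4, VM_ERR_MODEL = -5 };
typedef struct { int32_t stack[STACK_MAX]; size_t sp; int32_t last_model; } vm_t;

/* All stack access goes through these checked helpers; an unchecked `stack[sp++] = v` is the overflow Extrarius warns about. */
static int vm_push(vm_t *vm, int32_t v) {
    if (vm->sp >= STACK_MAX) return VM_ERR_OVERFLOW;
    vm->stack[vm->sp++] = v; return VM_OK;
}
static int vm_pop(vm_t *vm, int32_t *out) {
    if (vm->sp == 0) return VM_ERR_UNDERFLOW;
    *out = vm->stack[--vm->sp]; return VM_OK;
}
/* Interpret `len` bytes from the network. LOAD_MODEL takes an asset id the engine resolves itself; no file primitive exists. */
int vm_run(vm_t *vm, const uint8_t *code, size_t len) {
    int32_t a, b; int rc; vm->sp = 0; vm->last_model = -1;
    for (size_t pc = 0; pc < len; ) {
        switch (code[pc++]) {
        case OP_HALT: return VM_OK;
        case OP_PUSH:                                              /* operand must lie inside the buffer */
            if (len - pc < 4) return VM_ERR_TRUNCATED;
            a = (int32_t)((uint32_t)code[pc] | (uint32_t)code[pc+1] << 8 |
                          (uint32_t)code[pc+2] << 16 | (uint32_t)code[pc+3] << 24);
            pc += 4; if ((rc = vm_push(vm, a)) != VM_OK) return rc; break;
        case OP_ADD:
            if ((rc = vm_pop(vm, &b)) != VM_OK || (rc = vm_pop(vm, &a)) != VM_OK) return rc;
            if ((rc = vm_push(vm, (int32_t)((uint32_t)a + (uint32_t)b))) != VM_OK) return rc; break;
        case OP_LOAD_MODEL:                                        /* id must name a known asset */
            if ((rc = vm_pop(vm, &a)) != VM_OK) return rc;
            if (a < 0 || a >= MODEL_COUNT) return VM_ERR_MODEL;
            vm->last_model = a; break;
        default: return VM_ERR_OPCODE;
        }
    }
    return VM_OK;
}
/* Constructed scripts: a legitimate one (3 + 4, then load model 7) and a hostile one pushing STACK_MAX + 1 values. */
int run_good(void) {                                               /* returns the loaded model id, or the error code */
    static const uint8_t s[] = { OP_PUSH,3,0,0,0, OP_PUSH,4,0,0,0, OP_ADD, OP_LOAD_MODEL, OP_HALT };
    vm_t vm; int rc = vm_run(&vm, s, sizeof s); return rc == VM_OK ? vm.last_model : rc;
}
int run_hostile(void) {                                            /* returns VM_ERR_OVERFLOW; nothing is written past stack[] */
    uint8_t s[5 * (STACK_MAX + 1)] = {0};
    for (size_t i = 0; i < STACK_MAX + 1; i++) { s[5*i] = OP_PUSH; s[5*i+1] = 1; }
    vm_t vm; return vm_run(&vm, s, sizeof s);
}
```

The same checked-helper discipline applies to any other static table the VM indexes (constants, locals, jump targets); the point is that the script stream never chooses an index the VM has not validated.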
Anyway, bug or not, this idea was used to build the multiplayer support for Dungeon Siege. The server/client communication takes place on a layer built on top of Skrit, the scripting system Dungeon Siege uses. So, if it's good for DS...

Fire burn wisdom in me,
Wisdom set mind and spirit free,
Moonlight shows me the mysteries of life,
Winternight gives me clearsight and storms to fight.
It's an argument against making things much more complex than needed and an argument against "but if you don't directly let them, they can't do it".

I don't think it's a bad idea, I think you would just need to be very, very careful with the implementation. I think a better idea might be to send, say, mouse clicks and button presses over the network and have the game figure out what script should be run in response to that button press. It would be much less likely to be abusable IMO, since you would be simulating all players on all computers. It would also be difficult to cheat (except for map-hack style cheats). Validating the data would be easy as well, since an invalid key wouldn't have a script mapped to it and nothing would happen.

Edit: It wasn't good for DS. I found the game to be fairly laggy when playing with just one other person. Both of us have broadband and our computers are good enough to run it fairly fast, but the person that wasn't hosting would experience lag quite often, and once in a while response times would rise to minutes.

[edited by - Extrarius on February 13, 2003 5:14:02 PM]
"Walk not the trodden path, for it has borne it's burden." -John, Flying Monk
quote:Original post by Extrarius

I don't think it's a bad idea, I think you would just need to be very, very careful with the implementation. I think a better idea might be to send, say, mouse clicks and button presses over the network and have the game figure out what script should be run in response to that button press. It would be much less likely to be abusable IMO, since you would be simulating all players on all computers. It would also be difficult to cheat (except for map-hack style cheats). Validating the data would be easy as well, since an invalid key wouldn't have a script mapped to it and nothing would happen.

[edited by - Extrarius on February 13, 2003 5:14:02 PM]


Try it. You will see it is not more complex. It is actually very elegant.

Sending clicks does not help against trainers and is just as difficult to validate. You are not worried about receiving bad commands, that's just something you get sometimes; what you are worried about is a tool that moves the character on its own. The problem is the same for clicks or scripts.

Also, sending key presses is a very weak and inflexible protocol. Sending commands is more useful because the triggering of the command is independent of the actual data of the command. Once you start using a command protocol you have actually created a script language. The only difference from full script is that there has to be a conversion from client to command language and from the command language to server. By sending actual code, there is no conversion.






[edited by - Gorg on February 13, 2003 8:52:52 PM]
