Pages: [1]
  Print  
Author Topic: Mitigating the risk of third party pk3 files breaking baseoa?  (Read 8330 times)
Gig
In the year 3000
***

Cakes 45
Posts: 4394


WWW
« on: November 23, 2018, 02:51:47 AM »

PREMISE:
This is just an idea. I don't know if it is worth it. I don't know if it has already been suggested before; if that's the case, please forgive me.

INTRODUCTION:
The engine is designed to have assets (textures, shader files, sounds, maps, QVMs, etc.) contaned in "later" (alphabetically) pk3 files overriding assets with the same name contained in "previous" pk3 files. This system, working together with the "pure check", also allows OA 0.8.8 clients to keep compatibility with 0.8.1 and 0.8.5 servers.

THE PROBLEM:
"Bad" (not only as "malicious", but mostly as "poorly executed" or "placed in the wrong folder") pk3 files always risked to mess up your game, since Q3A. Sometimes you start up your game and something is broken, e.g. some textures seem to disappear, etc., just because in your previous gaming session you autodownloaded some map pk3 which contains something that interferes with some baseoa stuff.

A POSSIBLE WAY TO MITIGATE THE PROBLEM (the idea):
Maybe one may foresee a system where placing a specific file inside a pk3 file would mark the pk3 as "official", and thus the engine would not override stuff from it with stuff coming from unofficial packs, unless you are working in a mod folder.
In other words, "unofficial packs" in baseoa may only add new assets and override those from other unofficial packs, but not override assets from "official packs".

WHEN?
That would need a brand new OpenArena version (updated binaries and all new "stock" pk3 files containing the apposite "flag file") in order to be effective. OA 3.0.0 may theoretically be the right one.

LIMITATIONS:
- Keeping the thing simple (just a very simple file, not a true "certificate") would make it easy for bad people to workaround it and create new "malicious" pk3 files, making them look like "official" while they are not... I don't know how much of a real threat this is, but it's possible. I said, I don't know if the idea is worth it.
- It would not fix the problems with people modifying stock pk3 files on their own. But that's however a bit different than just downloading a new map and getting your game broken.
- The additional pk3 files may not work as their creator expected, e.g. missing some shaders. But this is the price for do not mess up the base game.

ADDITIONAL THOUGHTS:
- Maybe it may arise some compatibilty issues I didn't think about, even if starting from a new major release? I don't know.
- So, maybe one may allow to turn that system on or off for additional backwards compatibility if needed and easier development of maps and other stuff? Maybe with a dedicated cvar or by adding new sv_pure values?
« Last Edit: November 23, 2018, 06:19:30 AM by Gig » Logged

I never want to be aggressive, offensive or ironic with my posts. If you find something offending in my posts, read them again searching for a different mood there. If you still see something bad with them, please ask me infos. I can be wrong at times, but I never want to upset anyone.
Neon_Knight
In the year 3000
***

Cakes 49
Posts: 3775


Trickster God.


« Reply #1 on: November 24, 2018, 07:57:00 AM »

Instead of having a file in the pk3, the game's code should be hardcoded to recognize those as official pk3 (via MD5 or some other kind of check?) and only disable this check in developer mode. This, unfortunately, means that every patch of OA must have an updated package list.
Logged


"Detailed" is nice, but if it gets in the way of clarity, it ceases being a nice addition and becomes a problem. - TVT
Want to contribute? Read this.
fromhell
Administrator
GET A LIFE!
**********

Cakes 35
Posts: 14520



WWW
« Reply #2 on: November 24, 2018, 08:39:45 PM »

It's somewhat already in the code as "restricted demo mode".  It would just need to be compiled for that with the new pak checksums. All it would take is to go from there and add an individual pak enablling menu of some sort (kind of like launchers for certain PC rpg games with mod support)
Logged

asking when OA3 will be done won't get OA3 done.
Progress of OA3 currently occurs behind closed doors alone

I do not provide technical support either.

new code development on github
Nubcake
Nub


Cakes 0
Posts: 3


« Reply #3 on: November 27, 2018, 05:59:45 AM »

Perhaps a solution would be;

Always load back from a default .pk3-file.
The default should not be touched at all.
If you do want to use a mod, load another .pk3-file which executes content from there. When quitting or anything like that, load back from the default again (all paths towards modded content are reset).

When loading a .pk3 file which is corrupt (errors in shaders, textures, etc), loading is denied and default entries are set (so in most cases the main menu).
Logged
sago007
Posts a lot
*

Cakes 62
Posts: 1664


Open Arena Developer


WWW
« Reply #4 on: November 28, 2018, 04:46:13 PM »

For a bit more elaborate solution: You could start by merging https://github.com/smcv/ioq3/tree/issue130 into the engine. Apparently there are some quirks regarding sort order but I found the old sort order broken anyway.
I believe the overall direction is the right one.
Logged

There are nothing offending in my posts.
Gig
In the year 3000
***

Cakes 45
Posts: 4394


WWW
« Reply #5 on: January 18, 2019, 03:53:37 AM »

For completeness, I'm just mentioning here an idea another oa player told me:

Considering at times textures/shaders from a map pk3 do interfere with textures/shaders from other maps pk3s (sometimes ending up to "missing texture" shown), he proposed to allow a map to load only the textures/shaders from its own pk3 (other than those from the "stock" oa files, I would add). Enabled/disabled by a cvar, I guess, to do not lose the ability to "patch" mods and mappacks.
« Last Edit: January 18, 2019, 10:45:48 AM by Gig » Logged

I never want to be aggressive, offensive or ironic with my posts. If you find something offending in my posts, read them again searching for a different mood there. If you still see something bad with them, please ask me infos. I can be wrong at times, but I never want to upset anyone.
Pages: [1]
  Print  
 
Jump to: