New contributors added to AUTHORS:
@dragmz, @fire
Thanks to all contributors and donors for making Godot possible!
[ci skip]
(cherry picked from commit 284b56f2fb)
Yesterday, when playing around with my network code, I realized there is
a security issue in decode_variant, at least when decoding PoolArrays.
Basically, the size of the PoolArray is encoded in a uint32_t; when
decoding it, that value is cast to int when comparing if the packet is
actually that size, causing numbers with MSB=1 to be interpreted as
negative, thus always passing the check. That same value, though, is used
as uint32_t again to resize the output vector. For this reason, sending
a malformed packet with declared type PoolByteArray and size of 2^31(+x)
causes the engine to try to allocate 2+GB of pool memory, causing the
engine to crash.
This patch is a backport of the one initially written for the master
branch.
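The signed/unsigned mismatch described in the commit message above, as an added example that is not Godot's code or the actual patch. The packet layout (4-byte little-endian count followed by the bytes), the function names and the sample packets are assumptions constructed for illustration; no memory is allocated, the functions only report the size a resize would request.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define REJECTED (-1LL)

/* Constructed packets: 4-byte little-endian element count, then the bytes. */
static const uint8_t PKT_OK[]    = {3, 0, 0, 0, 'a', 'b', 'c'};
static const uint8_t PKT_SHORT[] = {4, 0, 0, 0, 'a'};
static const uint8_t PKT_MSB[]   = {0, 0, 0, 0x80}; /* declares 2^31 bytes */

static uint32_t read_u32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern: the count is compared as int, then reused as uint32_t.
   Returns the size the resize would request, or REJECTED. */
static long long resize_request_flawed(const uint8_t *buf, int len) {
    if (len < 4) return REJECTED;
    uint32_t count = read_u32le(buf);
    len -= 4;
    if ((int)count > len) return REJECTED; /* MSB=1 turns negative and passes */
    return (long long)count;
}

/* Hardened pattern (assumed, not the project's fix): keep the comparison
   unsigned so a large count can never look smaller than the packet. */
static long long resize_request_checked(const uint8_t *buf, size_t len) {
    if (len < 4) return REJECTED;
    uint32_t count = read_u32le(buf);
    if (count > len - 4) return REJECTED;
    return (long long)count;
}

int main(void) {
    printf("ok    flawed=%lld checked=%lld\n",
           resize_request_flawed(PKT_OK, (int)sizeof PKT_OK),
           resize_request_checked(PKT_OK, sizeof PKT_OK));
    printf("short flawed=%lld checked=%lld\n",
           resize_request_flawed(PKT_SHORT, (int)sizeof PKT_SHORT),
           resize_request_checked(PKT_SHORT, sizeof PKT_SHORT));
    printf("msb   flawed=%lld checked=%lld\n",
           resize_request_flawed(PKT_MSB, (int)sizeof PKT_MSB),
           resize_request_checked(PKT_MSB, sizeof PKT_MSB));
    return 0;
}
```

A count that is only slightly too large is rejected by both versions; only counts with the top bit set slip past the signed comparison, which is why ordinary malformed-packet tests can miss this class of bug.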
Extending on b68222e4e7 to ensure that it still
has the exact same behaviour as the previous code, as discussed with @hpvb.
(cherry picked from commit 03e11c13bf)
New contributor added to AUTHORS:
@JFonS
Also updated alphabetical sorting with `sort -d`.
Thanks to all contributors and donors for making Godot possible!
[ci skip]
(cherry picked from commit b631306de1)
New contributors added to AUTHORS:
@Nallebeorn, @ibrahn, @KellyThomas, @ShyRed
Thanks to all contributors and donors for making Godot possible!
[ci skip]
(cherry picked from commit a18fe06773)
This fixes the problem described in #13996 in a proper way.
This also adds "deadzone" property to ScrollContainer.
It can be used on mobile, where taps are not as precise as mouse clicks.
Player could slightly move their finger when tapping, in which case we still want the button to be pressed rather than the container to be scrolled.
(cherry picked from commit dcf5be9)
Instead of editing the placeholder permissions actually write new ones.
This should solve the privacy statement problems for the Play store.
This means we also no longer need placeholder permissions in the
template.
Also fix logic bug in transform/rot conversion.
In my tests it seems like it was not actually misbehaving,
but the logic was wrong for tracks with ID > 9.