There's a bit more context to the story. The author and the company had a discussion over a reverse engineering claim as well: https://github.com/UlyssesWu/D2Evil/issues/1
I have to admit I'm somewhat impressed with the quality of the 2d puppetry I've seen in gaming recently (e.g. Marvel Snap, any of the Gachas). It's a simpler technical skill than full 3d rigging that 2d illustrators seem to be able to pick up fairly quickly.
The field this tool grew out of (mobile gaming) is such a grey ethical area, and these puppet animations are a fascinating form of pulp media.
At first glance it seems like Spine provides their libraries in source format (under a non-open-source license) with pure C++, C# and TS implementations that don't depend on binary blobs (at least it seemed like it). You can find it here: https://github.com/esotericsoftware/spine-runtimes . Even if the C++ version is not safe, the C# and TS versions are probably fine, and the license mentions creating derivative works (assuming you follow the Editor license terms and some of the involved parties have an editor license), so you are probably allowed to create a modified library which processes the files safely.
> The whole file is effectively a write-what-where primitive. In addition to that, the Count Info Table is not bounds checked either...
File formats like that, with many offsets in the file, are troublesome. There used to be more formats like that. Microsoft Word .doc is the classic example.
OpenJPEG 2000 has a similar problem. I just hit that yesterday.[1] Valgrind is finding references to un-initialized data which affect control flow, and running the JPEG decoder on valid but truncated files (which is allowed) is causing bad memory reference crashes and errors.
New formats like this are rare. People have learned. A modern exception is Unreal Engine 5's Nanite, which has much offset data, and there may be an attack surface there for hostile game content. Nanite is a way to store a graphics mesh with both multiple levels of detail and common submeshes. It's a hierarchy of directed acyclic graphs, flattened into a linear file with offsets. And, sure enough, there are many crash reports. At least Unreal provides a validator for the format.
(If only C/C++ had slices in the language. Most of the things for which pointer arithmetic is used can be done with slices. Slices really are pointer arithmetic, with sanity.)
[1] https://github.com/uclouvain/openjpeg/issues/1459
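An added illustration of the slice idea from the comment above (not part of the thread and not code from any project mentioned in it): a pointer-plus-length type in C whose sub-views are bounds checked, applied to an offset table. The file layout, the names `slice`, `slice_sub`, `get_section`, `section_len` and the `SAMPLE` bytes are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A slice is a pointer that carries its own length, so every view derived
   from it can be checked against the bytes that actually exist. */
typedef struct { const uint8_t *ptr; size_t len; } slice;

/* View of s covering [off, off+n); fails instead of pointing outside s. */
static int slice_sub(slice s, size_t off, size_t n, slice *out) {
    if (off > s.len || n > s.len - off) return 0;   /* no off+n overflow */
    out->ptr = s.ptr + off;
    out->len = n;
    return 1;
}

static int read_u32le(slice s, size_t off, uint32_t *v) {
    slice b;
    if (!slice_sub(s, off, 4, &b)) return 0;
    *v = b.ptr[0] | (uint32_t)b.ptr[1] << 8 | (uint32_t)b.ptr[2] << 16 | (uint32_t)b.ptr[3] << 24;
    return 1;
}

/* Toy layout (constructed): u32 count, then count x (u32 offset, u32 length),
   each pair locating a section somewhere in the same file. */
static int get_section(slice file, uint32_t index, slice *out) {
    uint32_t count, off, len;
    if (!read_u32le(file, 0, &count)) return 0;          /* truncated header */
    if (count > (file.len - 4) / 8 || index >= count) return 0; /* table must fit */
    size_t entry = 4 + (size_t)index * 8;
    if (!read_u32le(file, entry, &off) || !read_u32le(file, entry + 4, &len)) return 0;
    return slice_sub(file, off, len, out);               /* untrusted offset */
}

/* Constructed sample: section 0 is valid, section 1 points far past the end. */
static const uint8_t SAMPLE[24] = {
    2,0,0,0,  20,0,0,0, 4,0,0,0,  0x00,0x10,0,0, 16,0,0,0,  'A','B','C','D' };

/* Length of section `index` when only the first n bytes arrived, or -1. */
long section_len(size_t n, uint32_t index) {
    slice file = { SAMPLE, n <= sizeof SAMPLE ? n : sizeof SAMPLE }, sec;
    return get_section(file, index, &sec) ? (long)sec.len : -1;
}

int main(void) {
    printf("full/0=%ld full/1=%ld cut/0=%ld\n",
           section_len(24, 0), section_len(24, 1), section_len(22, 0));
    return 0;
}
```

The same checks reject both a hostile offset in a complete file and a valid offset in a truncated one, because every read goes through `slice_sub` against the bytes actually present.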