From ba1de97f049211ae71cae5f10aca114aeda9f30d Mon Sep 17 00:00:00 2001 From: Mario Zechner Date: Tue, 22 Mar 2022 13:37:08 +0100 Subject: [PATCH] [c] Return error if skeleton version doesn't match runtime version. See #1998 --- spine-c/spine-c/include/spine/Version.h | 37 ++++++++++++++++++++++ spine-c/spine-c/src/spine/SkeletonBinary.c | 20 ++++++++++++ spine-c/spine-c/src/spine/SkeletonJson.c | 19 +++++++++++ 3 files changed, 76 insertions(+) create mode 100644 spine-c/spine-c/include/spine/Version.h diff --git a/spine-c/spine-c/include/spine/Version.h b/spine-c/spine-c/include/spine/Version.h new file mode 100644 index 000000000..1822b6240 --- /dev/null +++ b/spine-c/spine-c/include/spine/Version.h @@ -0,0 +1,37 @@ +/****************************************************************************** + * Spine Runtimes License Agreement + * Last updated September 24, 2021. Replaces all prior versions. + * + * Copyright (c) 2013-2021, Esoteric Software LLC + * + * Integration of the Spine Runtimes into software or otherwise creating + * derivative works of the Spine Runtimes is permitted under the terms and + * conditions of Section 2 of the Spine Editor License Agreement: + * http://esotericsoftware.com/spine-editor-license + * + * Otherwise, it is permitted to integrate the Spine Runtimes into software + * or otherwise create derivative works of the Spine Runtimes (collectively, + * "Products"), provided that each user of the Products must obtain their own + * Spine Editor license and redistribution of the Products in any form must + * include this license and copyright notice. + * + * THE SPINE RUNTIMES ARE PROVIDED BY ESOTERIC SOFTWARE LLC "AS IS" AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL ESOTERIC SOFTWARE LLC BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, + * BUSINESS INTERRUPTION, OR LOSS OF USE, DATA, OR PROFITS) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THE SPINE RUNTIMES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + *****************************************************************************/ + +#ifndef SPINE_VERTEXEFFECT_H_ +#define SPINE_VERTEXEFFECT_H_ + +#define SPINE_MAJOR_VERSION 4 +#define SPINE_MINOR_VERSION 1 +#define SPINE_VERSION_STRING "4.1" + +#endif diff --git a/spine-c/spine-c/src/spine/SkeletonBinary.c b/spine-c/spine-c/src/spine/SkeletonBinary.c index e0d0e0812..04d2cb96c 100644 --- a/spine-c/spine-c/src/spine/SkeletonBinary.c +++ b/spine-c/spine-c/src/spine/SkeletonBinary.c @@ -33,6 +33,7 @@ #include #include #include +#include typedef struct { const unsigned char *cursor; @@ -1270,6 +1271,18 @@ spSkeletonData *spSkeletonBinary_readSkeletonDataFile(spSkeletonBinary *self, co return skeletonData; } +static int string_starts_with(const char *str, const char *needle) { + int lenStr, lenNeedle, i; + if (!str) return 0; + lenStr = strlen(str); + lenNeedle = strlen(needle); + if (lenStr < lenNeedle) return 0; + for (i = 0; i < lenNeedle; i++) { + if (str[i] != needle[i]) return 0; + } + return -1; +} + spSkeletonData *spSkeletonBinary_readSkeletonData(spSkeletonBinary *self, const unsigned char *binary, const int length) { int i, n, ii, nonessential; @@ -1297,6 +1310,13 @@ spSkeletonData *spSkeletonBinary_readSkeletonData(spSkeletonBinary *self, const if (!strlen(skeletonData->version)) { FREE(skeletonData->version); skeletonData->version = 0; + } else { + if (!string_starts_with(skeletonData->version, SPINE_VERSION_STRING)) { + char errorMsg[255]; + sprintf(errorMsg, "Skeleton version %s does not match runtime version %s", skeletonData->version, SPINE_VERSION_STRING); + _spSkeletonBinary_setError(self, errorMsg, NULL); + return NULL; + } } skeletonData->x = readFloat(input); diff --git a/spine-c/spine-c/src/spine/SkeletonJson.c b/spine-c/spine-c/src/spine/SkeletonJson.c index c0acbfaa6..b78af9081 100644 --- a/spine-c/spine-c/src/spine/SkeletonJson.c +++ b/spine-c/spine-c/src/spine/SkeletonJson.c @@ -28,6 +28,7 @@ *****************************************************************************/ #include "Json.h" +#include #include #include #include @@ -949,6 +950,18 @@ spSkeletonData *spSkeletonJson_readSkeletonDataFile(spSkeletonJson *self, const return skeletonData; } +static int string_starts_with(const char *str, const char *needle) { + int lenStr, lenNeedle, i; + if (!str) return 0; + lenStr = strlen(str); + lenNeedle = strlen(needle); + if (lenStr < lenNeedle) return 0; + for (i = 0; i < lenNeedle; i++) { + if (str[i] != needle[i]) return 0; + } + return -1; +} + spSkeletonData *spSkeletonJson_readSkeletonData(spSkeletonJson *self, const char *json) { int i, ii; spSkeletonData *skeletonData; @@ -971,6 +984,12 @@ spSkeletonData *spSkeletonJson_readSkeletonData(spSkeletonJson *self, const char if (skeleton) { MALLOC_STR(skeletonData->hash, Json_getString(skeleton, "hash", 0)); MALLOC_STR(skeletonData->version, Json_getString(skeleton, "spine", 0)); + if (!string_starts_with(skeletonData->version, SPINE_VERSION_STRING)) { + char errorMsg[255]; + sprintf(errorMsg, "Skeleton version %s does not match runtime version %s", skeletonData->version, SPINE_VERSION_STRING); + _spSkeletonJson_setError(self, 0, errorMsg, NULL); + return NULL; + } skeletonData->x = Json_getFloat(skeleton, "x", 0); skeletonData->y = Json_getFloat(skeleton, "y", 0); skeletonData->width = Json_getFloat(skeleton, "width", 0);