Hello. Currently, a plugin can easily crash the server, which doesn't check parameters (just call a function with a NULL pointer, nice crash guaranteed). Also, server doesn't checks parameters and such, which can lead to invalid values (Str of 50 for a player...).
So should that be fixed in a way a plugin can *not* crash the server through a callback, or send invalid parameters? Note that preventing a plugin ever crashing the server is hard, since the plugin itself can crash leading to server crash (and that isn't something easy to avoid i think). IMO "no" is an acceptable answer. We can after all "trust" a plugin to do the right thing. If we choose the "yes, let's harden the plugin system" option, here's my suggestion for hardening: * when plugin requests an object/map/archetype, server keeps the pointer in an array and sends the index, which is used in subsequent functions * this way, it's easy to check the pointer's validity - check index, if inbounds ok, else issue * when the plugin returns, server knows what objects were affected (array can contain a "set_parameter" field, set when a setter is called), and can send updates to player accordingly - should also simplify plugin's code. Also can recalculate stuff when object is removed, whatever. Just my 2 cents :) Nicolas _______________________________________________ crossfire mailing list crossfire@metalforge.org http://mailman.metalforge.org/mailman/listinfo/crossfire