10-23-15, 06:43 AM | #1 |
Need help with SpellBook taint
I'm currently working on an addon that interracts with the SpellBook but I seem to taint it which causes errors when trying to cast a spell from the book (because CastSpell() is protected).
The idea is that I have a button showing a spell, and when clicked it opens the SpellBook to the page where the spell is located. As far as I've seen there's no function for this so I basically go through all the tabs, pages and slots to find the correct spell. The issue is that this, and even just toggling the SpellBook, will taint it. So I'm trying to figure out if there's a way I can fix it. Full code can be found on my GitHub Once the button is pressed the only relevant code is the following: (line 122- 141) It get the name of the spell, then calls the function to scout through the spellbook for that name. If it's found it plays a highlight animation, else it just opens on the default page. And then it opens the SpellBook if it's not open yet. Lua Code:
The function to scout works like this: (line 47 - 105) It simply starts at the first tab, checks all the slots until it reaches an empty one or the last one. Goes through the different pages on that tab until it's done and goes to the second tab. if it finds the spell it stays on that page and returns success and the slot (to archor the highlight to) Lua Code:
The template for the buttons are in the XML file. Template lines 15 to 136 Actual buttons at 242 - 300 So I'm trying to figure out if there is a way to prevent the taint, or if there's just no way to do it correctly. Last edited by LanceDH : 10-23-15 at 07:05 AM. |
|
10-23-15, 10:27 AM | #2 |
Not at home yet, can't run live tests, but here's my wild guess after I checked your code on GH... You have quite many Show/Hide calls, but you dun always check if character is in combat or not, you can't toggle frame visibility whilst in combat... You have to use InCombatLockdown() function to check whether it's safe to make those calls or not.
And I strongly recommend using taint log, it helps quite much... Last edited by lightspark : 10-23-15 at 11:01 AM. Reason: checked code on github |
|
10-23-15, 12:35 PM | #3 |
I think your only chance of getting this to work correctly without breaking the spellbook is to create a secure button which executes a macro to /click the spellbook forward/back buttons to the proper page, because calling any of the spellbook functions directly is going to taint everything it touches.
That being said, why not just make it so people can drag the spell off the button you're displaying, rather than open the spellbook? It seems like an extra step, unless I'm not understanding what your addon is meant to do. |
|
10-23-15, 12:45 PM | #4 | ||
The other ones are (in theory) impossible to trigger without either of those 2 frames being shown. I used UnitAffectingCombat("player") for it though. Achieves the same thing but might look into using the function you gave instead. As for taint log, totally forgot that was a thing.
I was already going to add that but the reason I wanted to have the SpellBook is because I also do things like open the dungeon journal, talent frame, glyph frame, .. which... I'm probably also tainting beyon belief though I don't think they call protected functions like the SpellBook does. Another annoyance is that IsPassiveSpell("name") doesn't actually work correctly as it returns false for Tiger Strikes whish is a passive, probably because it triggers another spell with the same name that isn't a passive. Not the biggest issue but just annoying and might require more work. I'll check the taint log and see what comes up. worst case I'll have to live without it. Edit: Seems WoW just instantly taints any global variable in addons. But as far as I understand my functions need to be global to call them in my XML code? Or is there some other way to do this. Last edited by LanceDH : 10-23-15 at 01:09 PM. |
|||
10-23-15, 01:54 PM | #5 | |
Correct. Though it's one of many reasons why it's suggested to not use XML. You can do almost everything directly from Lua.
__________________
WoWInterface AddOns
|
||
10-23-15, 02:11 PM | #6 | |
Here I've been programming addons in nothing but LUA thinking I'm not doing it the way I should. And now I, for once, code one with XML.. |
||
10-23-15, 02:41 PM | #7 | ||
Code:
'ILW_UnlockContainer:Hide()'. !BugGrabber\BugGrabber.lua:573: in function <!BugGrabber\BugGrabber.lua:573> [C]:: in function 'Hide' ILearnedWhat\ILearnedWhat-6.2b1.lua:491: in function <ILearnedWhat\ILearnedWhat.lua:486> ILearnedWhat\ILearnedWhat-6.2b1.lua:504: in function <ILearnedWhat\ILearnedWhat.lua:503>
One more thing. Their API is almost always safe, there are some exceptions though, but NEVER (almost never tbh, there are few exceptions too) use functions blizz implemented in Lua themselves, it almost always causes taints. Your taint you were talking about in OP was caused by usage of blizz' SpellBookSkillLineTab_* functions. P.S. BTW, sorry, completely missed the point in my first comment, was a bit tired. Went full retard, realized it just now after a short nap, Last edited by lightspark : 10-23-15 at 02:49 PM. |
|||
10-23-15, 03:11 PM | #8 | ||
I guess PLAYER_REGEN_DISABLED, where I hide everything when combat starts, happens before errors start happening. Will have to fix that now that I know.
Or does the XML itself cause issues? Having done it both ways now I must say I find XML to make the base for frames a lot easier to use and keep track of things, and doesn't clutter my LUA files as much. |
|||
10-23-15, 03:46 PM | #9 |
Just wanted to clear something up, since people seem a little confused as to what taint actually is.
Anything an addon does is considered "tainted". Its purpose is to prevent an addon from tricking a blizzard function into executing code that it wouldn't normally be able to do directly, or otherwise influence the result of a protected function. So, when we call a function like SpellBookPrevPageButton_OnClick, which calls SpellBookFrame_Update, which calls SpellBook_UpdatePlayerTab, which calls SpellBookFrame_UpdateSpells, which calls SpellButton_UpdateButton, which sets "self.offSpecID", which is then read by SpellButton_OnClick when you click the spell button, it directly influences whether or not "CastSpell" is called by the interface. Since we've "tainted" the execution path by calling a function which ultimately affected a protected function, the interface prevents the protected function from being called. When you create a global variable, it's tainted because it wasn't created by blizzard's "trusted" code, it was created by your addon, which is untrustworthy. If something in the interface were to read that variable it would taint its execution path. This doesn't mean that global variables are bad, just that you need to take care not to name them something that would ever be referenced by anything else. |
|
10-23-15, 03:58 PM | #10 | |||
If you need to use same template many times, instead creating XML-template, create constructor for this widget in Lua. It's easier to debug, it's more flexible and more secure. P.S. And semlar, as always, explained everything nicely. But I, being a lazy ass, said to almost never use blizz stuff, if they implemented it in Lua. That's almost always true for their OnClick handlers and quite many other functions. I just think it's safest, yet dumbest approach, works for me Ofc there are few handy exceptions, which are safe to use. Last edited by lightspark : 10-23-15 at 04:08 PM. |
||||
10-23-15, 04:06 PM | #11 | |
You send your Zerg into Blizzard's base to do something and it just leaves creep all over the place. Then Blizzard sends an SCV ro so something, sees the creep, sounds the alarms and the thing gets quarantined. So what you're saying is, no matter how hard you try to clean your Zerg, it's always going to leave creep behind? In other words, it's impossible to do what I'm trying to do without blizzard code falling appart, and should just stick with dragging the spells from my own buttons? Won't argue with that. Forgot something in your XML? Well I'm just going to tell you something went wrong in your LUA instead. Edit: As for everything LUA, this is unfinished and uncleaned code but I think we can all agree it burns people's eyes out. Lua Code:
Last edited by LanceDH : 10-23-15 at 04:17 PM. |
||
10-23-15, 04:29 PM | #12 | |
If you make a macro that /clicks the page buttons, it will behave the same way as if the player had clicked them directly, because it requires a hardware event to function and is considered more secure than your addon calling the function directly. |
||
10-23-15, 07:40 PM | #13 | |
XML was the way back in the early versions of WoW before the Widget functions were made available to the Lua side. Since then, Lua has been the preferred method for the ease of debugging and it no longer requires globals to pass between Widgets and the rest of the addon.
__________________
WoWInterface AddOns
|
||
10-23-15, 09:41 PM | #14 |
On the subject of functions in XML, in 6.1 Blizzard added a "mixin" attribute for frames (note: not sure if it's only for frames). This adds the functions from the referenced global table into the attributed frame, allowing you to access those functions (and maybe other data, I have not tested this) via self in both XML and Lua.
Blizzard uses this mostly in the Garrison UI (since 6.2), though it was first used in the Heirloom Collection (in 6.1). They create the global table "GarrisonFollowerList" in Blizzard_GarrisonSharedTemplates.lua, and is used as a mixin for many frames. You can see Blizzard_GarrisonRecruiterUI.xml where they use the OnShow and OnHide methods from the mixin table within the applicable scripts. Many addons create at least one global to house various bits of data, so this same global can easily be used as a mixin for XML created frames. That said, debugging would still be much easier in Lua so there probably won't be many authors switching to use the new attribute; however, it could be very useful for use in eg. templates where XML is required. Last edited by Gethe : 10-23-15 at 09:43 PM. |
|
10-23-15, 10:08 PM | #15 |
The frame has the attribute: mixin="GarrisonFollowerList"
but the script calls: GarrisonFollowListEditBox_OnTextChanged which is a standalone global function so I think I'm missing something here or it's a nonsensical bit of coding on Blizzards part.
__________________
Fizzlemizz Maintainer of Discord Unit Frames and Discord Art. Author of FauxMazzle, FauxMazzleHUD and Move Pad Plus. |
|
10-23-15, 10:22 PM | #16 |
No, that's a script on the edit box not the frame with the mixin.
|
|
10-23-15, 10:36 PM | #17 |
Ah, OK, took a second look to see where/how it was implemented for OnShow/OnHide.
I'll have to give it a closer look to understand what it might actually bring to the table. DUF and DART are still largely XML based.
__________________
Fizzlemizz Maintainer of Discord Unit Frames and Discord Art. Author of FauxMazzle, FauxMazzleHUD and Move Pad Plus. |
|
10-24-15, 05:15 AM | #18 | |
Lua Code:
On-topic: I spent a lot of time trying to get this stuff sorted, because I use a fake cursor in ConsolePort that clicks on buttons and stuff in the interface. Since it had to be robust and refrain from tainting every single thing it touches, it uses the secure action button system along with a clickbutton attribute. The attribute is changed every time the user moves the cursor to another button, thus never calling any specific click scripts and never tainting the buttons it clicks. The problem you're facing here is whether you can scan the spell book in a secure environment, which can only be done with secure handlers - and they offer a very limited part of the API. Also note that you can't reference non-secure frames in combat in a secure environment, meaning the paging buttons can't be clicked programmatically in combat using that approach. Personally, I think you should think of a different design to solve your problem. Last edited by MunkDev : 10-24-15 at 05:29 AM. |
||
10-24-15, 11:13 AM | #19 |
I decided to just go with dragging from my own buttons instead.
I'm still tainting the other frames but so far they don't seems to cause problems with any protected functions. If they end up doing so.. I fear the whole point of the addon is lost. As for the bloat, I just hate wasting half the code in my LUA files on visual stuff. If I get to making another addon I might try out just putting all visual stuff in its own LUA file and see how I like that. |
|
WoWInterface » Developer Discussions » Lua/XML Help » Need help with SpellBook taint |
«
Previous Thread
|
Next Thread
»
|
Display Modes |
Linear Mode |
Switch to Hybrid Mode |
Switch to Threaded Mode |
|
|