avoid taint

gmarco · 11-11-22, 11:57 AM

hi all,

I have an LDB addon that when you press the left mouse button calls this:

Lua Code:

if button == "LeftButton" then
    ToggleGuildFrame()
        if IsInGuild() then     
            CommunitiesFrame:SetDisplayMode(COMMUNITIES_FRAME_DISPLAY_MODES.ROSTER)
        end 
end

Then all the guild panel is tainted and every operations trigger an error like this:

Lua Code:

x [ADDON_ACTION_FORBIDDEN] AddOn 'gmGuildFriends' tried to call the protected function 'SetNote()'.
[string "@Interface/AddOns/!BugGrabber/BugGrabber.lua"]:480: in function <Interface/AddOns/!BugGrabber/BugGrabber.lua:480>
[string "=[C]"]: in function `SetNote'
[string "@Interface/FrameXML/StaticPopup.lua"]:2686: in function `EditBoxOnEnterPressed'
[string "@Interface/FrameXML/StaticPopup.lua"]:5135: in function `StaticPopup_EditBoxOnEnterPressed'
[string "*StaticPopup.xml:148_OnEnterPressed"]:1: in function <[string "*StaticPopup.xml:148_OnEnterPressed"]:1>

How I can do to prevent this ?
Thanks so much in advance for any helps.

gmarco · 11-11-22, 12:01 PM

Hi,

is possible that it is as easy as :

Lua Code:

if button == "LeftButton" then
            hooksecurefunc(ToggleGuildFrame())
            if IsInGuild() then     
                CommunitiesFrame:SetDisplayMode(COMMUNITIES_FRAME_DISPLAY_MODES.ROSTER)
            end 
        end

It seems to work but it is not the right solution :/
It triggers an error but not a taint anymore.
Thanks again.

SDPhantom · 11-11-22, 12:56 PM

My guess is the taint is spreading through CommunitiesFrame:SetDisplayMode() as ToggleGuildFrame() is successfully getting called, but hooksecurefunc() errors because you're giving it invalid arguments. Not to mention it doesn't even do what you're trying to use it for.

hooksecurefunc() allows someone to hook a function without tainting it, it doesn't magically call a function in secure mode. Nothing can do that, otherwise there would be no point in the taint system even existing.

On the more technical side, hooksecurefunc(ToggleGuildFrame()) is processed by first calling ToggleGuildFrame() as if you were trying to call it by itself. This function doesn't return anything (not even nil), so hooksecurefunc() gets called with no values (as would be returned by ToggleGuildFrame()). As explained before, this is where your error is happening. As such, the rest of your code doesn't even run.

gmarco · 11-11-22, 03:27 PM

Thanks so much SDPhantom for the great explanation.

I think I begin to understand

So following your explanation I begin to looking for some sample code.

I have found this old snippet:

Lua Code:

local done
local function ToggleGuildFrame_hook()
    if not done then
        GuildFrameTab2:Click()
        done=true
    end
end
        
hooksecurefunc("ToggleGuildFrame",ToggleGuildFrame_hook)

For me it doesnt work anymore but it is a good starting point where begin to work on

Thanks again for your time.

gmarco · 11-11-22, 03:36 PM

Originally Posted by SDPhantom

My guess is the taint is spreading through CommunitiesFrame:SetDisplayMode()

Hi again ...

I can confirm this, infact rewriting in this way doesnt trigger taint

Lua Code:

if button == "LeftButton" then
      ToggleGuildFrame()
end

So I think I can fix in this way removing the:

Lua Code:

CommunitiesFrame:SetDisplayMode(COMMUNITIES_FRAME_DISPLAY_MODES.ROSTER)

Thanks again for the fantastic input.

Taudier · 11-12-22, 02:13 AM

Originally Posted by gmarco

So I think I can fix in this way removing the:

or you can remove all you addons and no more taint !

SetDisplayMode is inside AddOns\Blizzard_Communities\CommunitiesFrame.lua, juste in case...

gmarco · 11-12-22, 10:24 PM

Thanks Taudier for your input on where the function is located.

I checked it:
https://github.com/tomrus88/Blizzard...itiesFrame.lua

Now I ask if there is someone that want to spare sometime to explain how to build an hooksecurefunc(...) on SetDisplayMode as SDPhantom said because this is over my skills of (very poor) programmer

I think I should hook here:

but I cant imagine how I have to modify this function to remove taint if it is working now in the right way.

Thanks to all.

Taudier · 11-13-22, 05:31 AM

you can try to modify :

Code:

	if displayMode == COMMUNITIES_FRAME_DISPLAY_MODES.ROSTER or self:IsShowingApplicantList() then
		if isGuildCommunitySelected then
			C_GuildInfo.GuildRoster();
		end
		self.GuildMemberListDropDownMenu:SetShown(isGuildCommunitySelected);
		self.CommunityMemberListDropDownMenu:SetShown(self:HasCommunityFinderPermissions(clubId, clubInfo));
	end

as BugGrabber sugest in your first post, but it won't probably work and something will be missing

a better solution is to create a secure button who clicks on a blizzard button who calls the SetDisplayMode

gmarco · 11-13-22, 11:52 PM

Hi,

I have tried different ways but the SetDisplayMode() seems the only right (and working) way to jump in roster view. But it always trigger taint if not rewritten in a hooksecurefunc() that I am not even able to imagine

So the addon stay with the only:

Lua Code:

ToggleGuildFrame()

that works great and nicely.

Thanks to all for the help and patience.

SDPhantom · 11-14-22, 04:35 AM

Originally Posted by gmarco

I have tried different ways but the SetDisplayMode() seems the only right (and working) way to jump in roster view. But it always trigger taint if not rewritten in a hooksecurefunc() that I am not even able to imagine

Originally Posted by SDPhantom

hooksecurefunc() ... doesn't even do what you're trying to use it for.

hooksecurefunc() allows someone to hook a function without tainting it, it doesn't magically call a function in secure mode.

Here's an example usage of hooksecurefunc().

Lua Code:

hooksecurefunc("CastSpellByName",function(name,target)
    if target then
        print("Casting",name,"at",target);
    else
        print("Casting",name);
    end
end);

It allows you to hook a protected function to run other code when called. In this case, it shows a message whenever CastSpellByName() runs. This is backwards from what you're trying to do, which is to call a function without carrying your taint to it.

What Blizzard does to achieve this is create a frame to pass values through its attributes, then fire an OnAttribute script. The calling function may be tainted, but the script remains secure. This method is only available to Blizzard as trying to replicate it in an addon yields a tainted OnAttribute script anyway that doesn't help at all.

An example of this is how UIParent handles managed frame positions.