From c5a030e7ab0089a7b5c018c0686273bff139231f Mon Sep 17 00:00:00 2001 From: "Admiral H. Curtiss" Date: Sat, 15 Jun 2024 23:12:12 +0200 Subject: [PATCH 1/3] VideoCommon: Fix format string injection vulnerability from leaderboards --- Source/Core/VideoCommon/OnScreenUI.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Source/Core/VideoCommon/OnScreenUI.cpp b/Source/Core/VideoCommon/OnScreenUI.cpp index d3a3c7397d..15e90df60f 100644 --- a/Source/Core/VideoCommon/OnScreenUI.cpp +++ b/Source/Core/VideoCommon/OnScreenUI.cpp @@ -389,7 +389,7 @@ void OnScreenUI::DrawChallengesAndLeaderboards() ImGuiWindowFlags_AlwaysAutoResize | ImGuiWindowFlags_NoFocusOnAppearing)) { for (const auto& value : leaderboard_progress) - ImGui::Text(value.data()); + ImGui::TextUnformatted(value.c_str()); } ImGui::End(); } From 693607f1d38e90189bc973bb705498afbf41c15a Mon Sep 17 00:00:00 2001 From: "Admiral H. Curtiss" Date: Sat, 15 Jun 2024 22:56:12 +0200 Subject: [PATCH 2/3] CMake: Let UICommon depend on Core This is already the case implicitly by UICommon including several headers from Core, so just make it explicit --- Source/Core/UICommon/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/Source/Core/UICommon/CMakeLists.txt b/Source/Core/UICommon/CMakeLists.txt index 99db3a4eb8..beb5e16e3f 100644 --- a/Source/Core/UICommon/CMakeLists.txt +++ b/Source/Core/UICommon/CMakeLists.txt @@ -28,6 +28,7 @@ add_library(uicommon target_link_libraries(uicommon PUBLIC common + core cpp-optparse minizip::minizip pugixml From b8381bfa7cc6e4f7764bf193a8b824533038c4bc Mon Sep 17 00:00:00 2001 From: "Admiral H. Curtiss" Date: Sat, 15 Jun 2024 22:58:04 +0200 Subject: [PATCH 3/3] CMake: Make the rcheevos dependency public Since rcheevos headers are included in AchievementManager.h, and everyone that depends on Core can include that, we must also pass on the include directory and defines to those dependencies --- Source/Core/Core/CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Source/Core/Core/CMakeLists.txt b/Source/Core/Core/CMakeLists.txt index 535e687475..54a2e18db5 100644 --- a/Source/Core/Core/CMakeLists.txt +++ b/Source/Core/Core/CMakeLists.txt @@ -779,7 +779,7 @@ if(MSVC) endif() if(USE_RETRO_ACHIEVEMENTS) - target_link_libraries(core PRIVATE rcheevos) - target_compile_definitions(core PRIVATE -DUSE_RETRO_ACHIEVEMENTS) - target_compile_definitions(core PRIVATE -DRC_CLIENT_SUPPORTS_HASH) + target_link_libraries(core PUBLIC rcheevos) + target_compile_definitions(core PUBLIC -DUSE_RETRO_ACHIEVEMENTS) + target_compile_definitions(core PUBLIC -DRC_CLIENT_SUPPORTS_HASH) endif()