2021.7.24.632 - Security fix for malformed LogiX causing crash
Pushing a hotfix for an exploit due to reports of it being abused against users. Unfortunately this means a small performance penalty (in most cases should probably be negligible) before we have a redesigned LogiX initialization system in place.
Compatible with previous build.
[h2]Security:[/h2]
- Added guard against infinite recusion in LogiX causing Neos to crash (previously reported by @I'm Erin., @ThomFox, @Balazus and others)
-- Note that's a small performance penalty (depending on complexity of LogiX setup might not even be measurable) for this fix due to time constraints for the fix. This will be replaced by a more efficient system in the future with LogiX rework
-- There's should be no functional difference for valid LogiX setup in most cases, except in cases of excessively long evaluation chains (more than 512 deep)
-- Also please note that using exploits and crashing other users without their explicit consent (e.g. outside researching exploits with consenting participants) is a moderation offense and not a tool to be used for self moderation
Compatible with previous build.
[h2]Security:[/h2]
- Added guard against infinite recusion in LogiX causing Neos to crash (previously reported by @I'm Erin., @ThomFox, @Balazus and others)
-- Note that's a small performance penalty (depending on complexity of LogiX setup might not even be measurable) for this fix due to time constraints for the fix. This will be replaced by a more efficient system in the future with LogiX rework
-- There's should be no functional difference for valid LogiX setup in most cases, except in cases of excessively long evaluation chains (more than 512 deep)
-- Also please note that using exploits and crashing other users without their explicit consent (e.g. outside researching exploits with consenting participants) is a moderation offense and not a tool to be used for self moderation