Sanitise BVM_ANIMATEACTOR speed and BVM_CREATEEMITTER offsets#239
Merged
Conversation
Completes the BVM float-sanitisation sweep started in #237/#238. Two more BVM commands broadcast script-supplied floats without clamping: - BVM_ANIMATEACTOR (Param3# anim speed -> P_AnimateActor wire). NaN speed locks up the animation timer for that actor on each receiver. - BVM_CREATEEMITTER (Param5/6/7# offset coords -> P_CreateEmitter wire). NaN offset poisons emitter positioning. Both use ClampSaneFloat# (1e9 magnitude cap with NaN/Inf rejection) since emitter offsets and anim speeds are bounded small numbers, not world-space coords. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This was referenced May 25, 2026
CoreyRDean
added a commit
that referenced
this pull request
May 27, 2026
docs/modules/scripting.md (the already-existing runtime-half overview) references docs/modules/scriptingcommands.md as the implementation- half companion -- but the file didn't exist. Dangling link surfaced during iteration #38 recon. Wrote the module-level overview for ScriptingCommands.bb (~3300 lines, 222 BVM_* functions): * File-structure section table (~50-3300 grouped by theme: privilege helpers / actor lifecycle / items / spells / attributes / party / output / persistence / UDP). Refresh trigger when reorganization happens; navigation aid, not strict spec. * Privilege gating section consolidates the four CLAUDE.md gate categories, the clicker-handle trap (`SI\AI = Handle(clicker)` for Examine/Trade/RightClick/ItemScript), and the full currently-gated brick-vector cluster (11 functions with their threat shapes). * Dead-API surface (BVM_SETOWNER + BVM_SCENERYOWNER) -- references PR #297's stack-balance sentinel fix and the opcode-stability rationale for keeping the contract entries alive. * Float / integer hardening overview -- ClampWorldCoord# / ClampSaneFloat# and the bounds-check-before-array-index pattern. * Handle-Null discipline -- the canonical entry pattern that every BVM body must follow (Object.X(handle) returns Null for stale handles). * "Adding a new BVM function" three-file-lockstep procedure (ScriptingCommands.bb impl + RC_Standard_Invoker.bb contract + dispatch Case + RC_Standard.bcs compile-time twin), the alphabetical-opcode-shift gotcha, and the privilege-gate decision tree. * Notable historical hardening table cross-referencing PRs #260, #237-#239, #246-#248, #233/#234, #300, #301, #304. * Related-modules section linking back to scripting.md / bvm-reference.md / RC_Standard_Invoker.bb / RC_Standard.bcs / ServerNet.bb / BVMPrivilegeGateTest.bb / CLAUDE.md. Closes the dangling-link gap; future scripting.md readers now have a landing page for the implementation half. rc_standard_invoker.md is still a dangling link from scripting.md -- deferred to a separate iteration (it's more arcane; the BVM-reference auto-gen already covers the user-facing API surface). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Completes the BVM float-sanitisation sweep started in #237 / #238. Two more BVM commands broadcast script-supplied floats without clamping:
BVM_ANIMATEACTORParam3#anim speedP_AnimateActorwire — NaN locks up animation timer for that actor on each receiverBVM_CREATEEMITTERParam5/6/7#offset coordsP_CreateEmitterwire — NaN poisons emitter positioningBoth use
ClampSaneFloat#(1e9 magnitude cap with NaN/Inf rejection) since emitter offsets and anim speeds are bounded small numbers, not world-space coords.Test plan
compile.bat -tcleanCo-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com