Thread Tools Display Modes
01-31-13, 04:02 PM   #1
Aanson
A Flamescale Wyrmkin
Join Date: Aug 2009
Posts: 124
Taint

Evening folks

I've said a few times before on these forums that I want to be absolutely certain that I'm not degrading the performance of the game because of a lack of knowledge on my part. I'm hooking the func 'UseContainerItem' so that I can add the optional ability for the user to right-click an item in their inventory (while the Auction House is open, regardless of which tab is being used) and that item will be put up for sale.

As it stands, if you're in the 'Bid' or 'Browse' tab, an unmodified right click will attempt to use or equip the item in question.

Here's the code which I have written to perform this:

Lua Code:
  1. M.HookFunc_UseContainerItem = function()
  2.  
  3.     local origUseContainerItem = UseContainerItem;
  4.  
  5.     UseContainerItem = function(...)
  6.  
  7.         if ( AuctionFrame:IsVisible() and ( not AuctionFrameAuctions:IsVisible() ) ) then
  8.             AuctionFrameTab_OnClick(AuctionFrameTab3);
  9.         end
  10.  
  11.         securecall(origUseContainerItem, ...);
  12.  
  13.     end
  14.  
  15. end

Although it works fine, my primary concern is that my hooking UseContainerItem will cause Blizz code to treat it as unsecure. After the user has sold whatever they're selling, they head out into combat and the problems start.

Although UseContainerItem works fine for me during combat, it appears that it may be tainting ArkInventory. I've not yet tested using ArkInventory, while in combat, without the function loaded though, to be honest.

I've played around with the idea of hooksecurefunc, but I'm not sure that that func can produce the desired result; by the time my post-hook is called, it's already going to be trying to equip the item.

If anyone could offer some advice on this, it would be very much appreciated.

Thanks in advance,


Aanson.
__________________
__________________
  Reply With Quote
01-31-13, 04:59 PM   #2
Vlad
A Molten Giant
 
Vlad's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2005
Posts: 793
Overriding API like this will result in taint that will break any secure environment it is used in, and you won't be able to use items in combat eventually, not if UseContainerItem is involved.

hooksecurefunc it if you want but you gotta think an alternative way to achieve what you wanna achieve.

securecall only works from Blizzards own code, as a mean to try execute stuff that might be tainted, so when you use it it has no effect, hehe. :P
__________________
Profile: Curse | Wowhead

Last edited by Vlad : 01-31-13 at 05:05 PM.
  Reply With Quote
01-31-13, 05:17 PM   #3
Aanson
A Flamescale Wyrmkin
Join Date: Aug 2009
Posts: 124
Originally Posted by Vlad View Post
securecall only works from Blizzards own code, as a mean to try execute stuff that might be tainted, so when you use it it has no effect, hehe. :P
Yeah, I read that about securecall right enough. But it does have an effect alright.

- Before using securecall (ie just returning the function), I'd get an error when trying to remove something from an inventory slot.

- After adding the securecall function, the error was gone and the hooked UseContainerItem worked without any problem.

Originally Posted by Vlad View Post
Overriding API like this will result in taint that will break any secure environment it is used in, and you won't be able to use items in combat eventually, not if UseContainerItem is involved.

hooksecurefunc it if you want but you gotta think an alternative way to achieve what you wanna achieve.
That's what I was worried about. Thanks for confirming it. It's clearly better just left out entirely.

I was doing a bit of thinking after writing this post, and I'm playing with the idea of hooking the OnShow handler of StaticPopup frame instead to achieve the same result (without compromising the confirmation popups for buying something or cancelling an auction etc).

Thanks again
__________________
__________________
  Reply With Quote
01-31-13, 05:48 PM   #4
Vlad
A Molten Giant
 
Vlad's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2005
Posts: 793
Also if you run your function the hook will hook your last hook, i.e. cause a recursive effect. Just saying in case it might be triggered more than once each session.
__________________
Profile: Curse | Wowhead
  Reply With Quote
01-31-13, 05:55 PM   #5
Aanson
A Flamescale Wyrmkin
Join Date: Aug 2009
Posts: 124
Originally Posted by Vlad View Post
Also if you run your function the hook will hook your last hook, i.e. cause a recursive effect. Just saying in case it might be triggered more than once each session.
Yeah, that's alright. The function which creates the hook only gets called once...

Lua Code:
  1. elseif ( (event == "ADDON_LOADED") and (... == "Blizzard_AuctionUI") ) then

Cheers.
__________________
__________________
  Reply With Quote
01-31-13, 05:58 PM   #6
Vlad
A Molten Giant
 
Vlad's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2005
Posts: 793
Just an idea, why not hook the onclick script on the buttons in the auction UI instead the API itself?

local onClick = obj:GetScript("OnClick") to store the real "OnClick" function then obj:SetScript(...) with your own code.
__________________
Profile: Curse | Wowhead
  Reply With Quote

WoWInterface » Developer Discussions » Lua/XML Help » Taint

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off