08:31 <@matricks> laxa: 1 I would guess
08:31 <@matricks> or 100....
09:19 < heinrich5991> I'd guess 100
09:26 <@minus> seems like it's 100
12:27 < heinrich5991> matricks: why did you add tests to bam but not to teeworlds?
12:48 <@matricks> just didn't happen
12:48 <@matricks> made a game instead
12:49 <@matricks> whole mentality I had when creating teeworlds was to create the game, not an engine/framework/whatever
12:49 <@matricks> because then you usually just end up creating an engine instead of a game
12:49 < BotoX> https://i.4cdn.org/g/1413110501393.png
12:50 < BotoX> （ ´_ゝ`）
12:50 <@matricks> so I wrote what was needed and nothing more
13:03 < heinrich5991> that's probably the mentality which actually results in playable games :)
13:05 <@matricks> yup
14:58 < heinrich5991> matricks: how "complete" is the ressys branch?
14:58 <@matricks> kinda
14:59 <@matricks> needs porting I think...
16:52 < heinrich5991> you said something about security implications about ressys and the used pnglib "pnglite"
16:52 < heinrich5991> but as I understand it, teeworlds already hands untrusted data to pnglite, via embedded images
16:54 <@matricks> are the embedded images png images? dunno :D
16:54 <@matricks> I think they are just zlibbed
16:56 <@matricks> heinrich5991: but yeah, extending the protocol to being able to take resources from other servers etc will increase the attack surface
16:57 < heinrich5991> you're right, the image data in the maps is actually just compress()ed via zlib
16:59 <@matricks> problem is that all resources becomes a part of the protocol, which.. well is a problem
16:59 <@matricks> also, there is probably some attacks that can be done with the maps already
17:00 < heinrich5991> well, there's absolutely no bounds-checking going on in the datafile stuff
17:00 < heinrich5991> the good part is that the client barely sends anything to the server (only input basically)
17:00 < heinrich5991> so the risk of something leaking there is probably small
17:01 < heinrich5991> I think the worst thing that can happen is a segfault with the maps
17:06 <@matricks> thats not the worst.. dunno if you could get some code exec going with those segfaults
17:07 <@minus> could try to find remote code exec in teeworlds
17:10 < heinrich5991> matricks: wouldn't that require a) writing or b) jumping?
17:10 <@matricks> heinrich5991: ?
17:11 < heinrich5991> as far as I read the source I could only see that a map can be crafted that lets teeworlds read at an arbitrary location in memory
17:11 <@matricks> perhaps, dunno
17:12 <@matricks> I havn't looked into it
17:12 <@matricks> eitherway, making resources a part of the protocol would require some sterner checks