Validation of /alias command

[SwamiUmami]

/alias command is very flexible. You can pass a long chain of commands to it by using double quotes like this:
alias "ns" "cl_player_name ""newstyle""; cl_player_headstyle 0; retry"
You can then use /ns command in game, and the chain of commands will be executed. It has many use cases, as it allows you to call many commands, or set multiple cvars at once with a short command. Note, however, that an alias doesn't work as an alternative name for a command. So, for example if you set /alias e echo, you can't pass arguments to echo when executing /e. /e "my text" will not call /echo "my text", just /echo as set in alias.

While it's a useful and handy command, its usage can lead to harmful consequences, such as stack overflows.

Scenario 1
Nothing stops you from setting /alias x x and then calling /x in game. This will lead to a stack overflow.

Scenario 2
/alias a b
/alias b a
Now call either /a or /b. Once again, that's a stack overflow.

So, how can we validate /alias command?

• It doesn't make sense to prevent calling /alias with two equal parameters /alias x x, as it fails on Scenario 2
• It's hard to check if 2nd argument of /alias name command is an actual command or a cvar, because it can contain a chain of commands and cvar settings separated by ;
• It's also tricky to validate the aliased commands/cvars at runtime, in CommandExecuteAlias. We just pass commands split by ; to ParseInput, which ignores a non-existing command/cvar

It seems hard to sanitize user's input in this case. Do you have any other ideas?

[BranDougherty]

If there was a clean way to thread through a nestlevel variable, and bail out at some arbitrary depth like 20, that should work (Edit: With the way the system is currently designed, it should probably just be another global). As far as validation, IMO validating at the point of execution, ParseInput, is sufficient for this system. Maybe a generic error message should be printed there.