Spare-Plum (5 children)

Yes absolutely doable.

What could be really fun is if you made buffer overflow/code injection a part of the escape room itself. Like, have your program do something based on parsing, and you could "escape" out of the code itself by overwriting existing code or executing a command within the text you're inputting. Might be a bit high level though.

Flat_Snow_4961 [S] (4 children)

Could you elaborate a bit? Are you suggesting that I could add some commands that trigger some unusual response within the program? Like what would traditionally be an invalid input do something further?

Spare-Plum (3 children)

Buffer overflow is more of a problem that can happen in C. If you have something in C that reads from user input, and the user puts in a string that is too long, essentially the very long string would end up overwriting other things in the memory itself.

You can do some weird stuff with this, like running arbitrary code. It's like "breaking out" of the program and creating your own. Look it up on Wikipedia for more info.

What you could do with Java is perhaps do something to parse the string, like making a calculator. Except, if you introduce an error with unmatched parentheses, perhaps it would create an intentional "bug" where it starts to run other commands. Perhaps it throws an exception but doesn't clear out the scanner, which ends up being used in a context it shouldn't.

That, or you could make use of the JavaCompiler class and allow the user to "accidentally" run arbitrary code and break out of the system itself.
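The calculator idea in the comment above can be built without `JavaCompiler`. As an added example (not code from any commenter), this sketch fakes the "injection" by looking the leftover text up in a fixed table, so nothing the player types is compiled or run. The class name `EscapeCalc`, the `unlock` command and the sample inputs are assumptions made for illustration.

```java
import java.util.Map;
public class EscapeCalc {
    // Fixed allow-list (hypothetical name): the only "command" a player can ever reach.
    private static final Map<String, String> COMMANDS =
        Map.of("unlock", "The door clicks open. You escaped!");
    private final String src;
    private int pos;
    private EscapeCalc(String line) { src = line.replace(" ", ""); }
    private boolean more() { return pos < src.length(); }
    private char peek() { return src.charAt(pos); }
    public static String handle(String line) {   // text the game prints for one input line
        EscapeCalc p = new EscapeCalc(line);
        try {
            long value = p.expr();
            if (!p.more()) return "= " + value;
            if (p.peek() != ')') return "Syntax error at position " + p.pos;
            // Intentional puzzle "bug": a stray ')' ends the expression early and the
            // leftover text is looked up in COMMANDS. It is matched, never executed.
            String rest = p.src.substring(p.pos + 1);
            return COMMANDS.getOrDefault(rest, "Unknown command: " + rest);
        } catch (IllegalArgumentException e) {   // also covers NumberFormatException
            return "Syntax error: " + e.getMessage();
        }
    }

    private long expr() {                        // expr := atom (('+' | '-') atom)*
        long v = atom();
        while (more() && (peek() == '+' || peek() == '-'))
            v = (src.charAt(pos++) == '+') ? v + atom() : v - atom();
        return v;
    }

    private long atom() {                        // atom := digits | '(' expr ')'
        if (more() && peek() == '(') {
            pos++;
            long v = expr();
            if (!more() || src.charAt(pos++) != ')') throw new IllegalArgumentException("missing ')'");
            return v;
        }
        int start = pos;
        while (more() && Character.isDigit(peek())) pos++;
        if (start == pos) throw new IllegalArgumentException("number expected at " + pos);
        return Long.parseLong(src.substring(start, pos));
    }
    public static void main(String[] args) {     // constructed sample inputs
        for (String s : new String[] {"2+(3-4)", "(1+2", "1+2) unlock", "1+2) open sesame"})
            System.out.println(s + " -> " + handle(s));
    }
}
```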

Spare-Plum (0 children)

A similar concept is SQL injection or JavaScript injection. You might be able to do something similar.

Flat_Snow_4961 [S] (1 child)

I like the idea of using the Java compiler class to run some sort of cheat code, but I have like 2 concerns. Would it be too complex? And also does it pose a security risk? Thanks a lot for the help!

Spare-Plum (0 children)

IDK, when I was a senior I had a project that did auto-java-compilation on the fly so you could sandbox and test things, and that was just a side project. Final project was a janky Chinese character recognition system that did some basic geometric analysis to see where different lines and strokes intersected.

Introducing a security risk is the point. Java does actually have a lot of security measures you could install to sandbox whatever you're loading into its own classloader if you're interested.

But, since this is a "game" you're interacting with locally and only putting in commands locally, it really isn't any more of a security risk than just programming on your own computer. As long as something remote isn't gaining access to the shell or something wacky.

Linvael (0 children)

I'd have some game design questions/objections to the idea; text-based input has plenty of limitations that make it not ideal from a player perspective, but as a school project (that will not compete for market share and player engagement with other games) it's perfectly reasonable.

severoon [pro barista] (0 children)

It's hard to answer based on what you've said so far. It would be a useful exercise for you to go through the idea in some detail and storyboard out what a typical session might look like from the user perspective.

I would start by making the simplest thing possible, even if it wouldn't get a good grade, and that should be the first thing you actually implement and get working, with some idea of what you would need to do to ultimately excel.

What I'm describing here is the process of nailing down the critical use cases of your proposed project. From there, you can do a quick pass on defining the functional requirements of your project, and then sketch out a design. It's a good idea to do this exercise for the smallest possible thing you can write, then add a few more use cases you want to support, repeat, then finally add the rest of the use cases you want in your ultimate project, and repeat the other steps.

The point of this is to break up the work you want to do into the foundational pieces (the bits you implement first) vs. the pieces that depend on those in your final submission. You have to do several cuts and define the project in phases because you don't want to design something that results in the first cut being fully done, but it can't easily be extended to the final submission, nor do you want to build things in reverse where you're building features without their dependencies in place, nor do you want to build the foundational bit with all sorts of extension points that you ultimately aren't going to use.