LemoBits/godot

Godot Engine

This fork applies security‑focused patches to reduce error‑log leakage and enforce symbol stripping in release builds.

Engine changes

  • Release error logging disabled: Non‑debug builds no longer emit _err_print_error output. Debug/editor builds behave as upstream.
  • Function/file redaction: When error logging is enabled in debug/dev builds, function/file/line are printed as normal. In release builds they are blanked, preventing name leakage.
  • Release print_error blocked: print_error() is a no‑op in non‑debug builds.
  • Default error print flag: CoreGlobals::print_error_enabled defaults to false in non‑debug builds.
  • Export encryption hardening: Script encryption key loading is less signature-friendly (runtime reconstruction + non-sequential decoding), and encrypted-pack error strings are less stable as anchors.

Build pipeline: symbol stripping

A new SCons option controls symbol stripping:

  • strip_symbols (bool): Strip symbols in non‑debug builds.
  • Default: enabled for release (template_release), disabled for debug/editor.

Example builds

  • Release with stripping (default):
    • scons target=template_release
  • Release without stripping:
    • scons target=template_release strip_symbols=no
  • Debug/editor builds (no stripping by default):
    • scons target=template_debug
    • scons target=editor

PCK encryption usage

This fork adds an extra XOR layer on top of the existing AES‑CFB pack encryption. To enable it, set the encryption key environment variable when compiling export templates, then enable pack encryption in the editor’s export settings.

  • Set key before building templates:
    • export SCRIPT_AES256_ENCRYPTION_KEY="your_generated_key"
  • Build export templates with this fork.
  • In the editor, enable “Encrypt PCK” for the export preset.

Note: Packs encrypted by stock Godot are not compatible with this fork’s XOR layer.
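A pre-build gate for the key step above, added here as an example and not part of this fork's code. It assumes the key keeps upstream Godot's format of 64 hexadecimal characters (256 bits); the function names and the key file path are hypothetical.

```shell
#!/bin/sh
# Added example: pre-build gate for SCRIPT_AES256_ENCRYPTION_KEY.
# Assumption: key format is 64 hex characters (256 bits), as in upstream Godot.

# Return 0 only if $1 looks like a usable 256-bit hex key.
check_pck_key() {
    key=$1
    [ "${#key}" -eq 64 ] || { echo "key must be 64 hex chars, got ${#key}" >&2; return 1; }
    case $key in
        *[!0-9A-Fa-f]*) echo "key contains non-hex characters" >&2; return 1 ;;
    esac
    # Reject degenerate keys made of one repeated character (for example all zeros).
    first=$(printf '%s' "$key" | cut -c1)
    [ -n "$(printf '%s' "$key" | tr -d "$first")" ] || {
        echo "key is a single repeated character" >&2; return 1; }
    return 0
}

# Load the key from a file so it never appears in shell history or CI logs.
# Refuses files that group or other users can access.
load_pck_key() {
    file=$1
    [ -f "$file" ] || { echo "no key file: $file" >&2; return 1; }
    perms=$(ls -l "$file" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$file is accessible to group/other" >&2; return 1; }
    key=$(tr -d ' \r\n' < "$file")
    check_pck_key "$key" || return 1
    SCRIPT_AES256_ENCRYPTION_KEY=$key
    export SCRIPT_AES256_ENCRYPTION_KEY
}

# Usage (paths are placeholders):
#   (umask 077; openssl rand -hex 32 > "$HOME/godot.gdkey")
#   load_pck_key "$HOME/godot.gdkey" && scons target=template_release
```

The literal placeholder `your_generated_key` fails this gate, which catches a copy-pasted export line before templates are built with it.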

Files modified

  • core/core_globals.h — default error print flag by build type.
  • core/core_builders.py — obfuscates generated script encryption key loading.
  • core/error/error_macros.h — redacts FUNCTION_STR in release builds.
  • core/error/error_macros.cpp — redacts function/file/line in release builds.
  • core/io/file_access_encrypted.cpp — adds XOR masking for encrypted packs.
  • core/io/file_access_pack.cpp — uses script key API for encrypted packs; reduces anchor strings.
  • core/io/logger.cpp — suppresses error logging in release builds.
  • core/object/script_language.h — declares get_script_encryption_key().
  • core/string/print_string.cpp — disables print_error() in release builds.
  • SConstruct — adds strip_symbols option and gates linker stripping.
  • tests/core/io/test_encrypted_pack_directory.h — adds encrypted directory pack test.

Dev log (4.5.1-stable-patch)

This branch (4.5.1-stable-patch) is based on 4.5.1-stable and adds a small, security-focused patch set aimed at reducing accidental information disclosure and raising the bar for casual static inspection of exports.

Goals

  • Reduce release-build leakage of engine internals (paths, symbols, call sites).
  • Keep debug/editor ergonomics close to upstream.
  • Provide opt-out controls for build/pipeline behavior.

Changes (commit summary)

  • dfe77f4e8a Release builds suppress engine error logging (_err_print_error).
  • f4ad1dc8f1 Add strip_symbols SCons option (default: on for release).
  • c46ea43832 Document the patch controls and intended behavior.
  • 055e371f2c Add XOR masking on top of AES-CFB pack encryption (fork-only).

Additional hardening

  • Script encryption key is no longer stored as a contiguous 32-byte global; it is reconstructed at runtime from obfuscated fragments.
  • Encrypted pack open failures avoid stable, extractor-friendly anchor strings.

Notes and limitations

  • These changes do not make exports “tamper-proof” or provide DRM; they reduce observability and make casual reversing harder, but motivated attackers can still inspect memory, hook APIs, or patch binaries.
  • Pack encryption requires key handling discipline. Treat the key as a secret in your build pipeline and avoid shipping it in plain text.
  • Packs encrypted by stock Godot are not compatible with this fork’s XOR layer.

Suggested verification

  • Build template_release and confirm errors are not printed at runtime.
  • Build template_debug / editor and confirm upstream-style error output is preserved for development.
  • Export with “Encrypt PCK” enabled and confirm the runtime can mount and read the encrypted pack on the target platform.
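A static check to run alongside the runtime checks above, added here as an example and not part of this fork's tooling. It assumes a Linux ELF template and binutils `nm`; the function names and the binary path in the usage comment are assumptions. The source-path count is informational, for comparison against a `strip_symbols=no` or upstream build.

```shell
#!/bin/sh
# Added example: post-build checks for a release export template.
# Assumptions: Linux ELF output, binutils `nm` on PATH.

# Print the number of entries in the static symbol table (0 means stripped).
# Returns 2 if nm is missing or the file is not a readable object file.
symbol_count() {
    out=$(nm "$1" 2>/dev/null) || return 2
    [ -n "$out" ] || { echo 0; return 0; }
    printf '%s\n' "$out" | wc -l | tr -d ' '
}

# Print the number of distinct engine source paths embedded as strings.
source_path_count() {
    grep -a -o -E '(core|scene|servers|modules|drivers|platform)/[A-Za-z0-9_/]+\.(cpp|h)' "$1" \
        | sort -u | wc -l | tr -d ' '
}

# Print a one-line report; succeed only if no static symbol table remains.
audit_release_binary() {
    bin=$1
    syms=$(symbol_count "$bin") || { echo "cannot read symbols from $bin" >&2; return 2; }
    paths=$(source_path_count "$bin")
    echo "$bin: $syms static symbols, $paths distinct engine source paths"
    [ "$syms" -eq 0 ]
}

# Usage (binary name is a placeholder for your build output):
#   audit_release_binary bin/godot.linuxbsd.template_release.x86_64
```

Dynamic symbols needed for linking against shared libraries remain after stripping, so this check looks only at the static table that `nm` lists by default.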

License

This fork is licensed under the GNU General Public License v3.0. See LICENSE.txt for the full license text.

Some files and bundled third-party components are under different terms. See COPYRIGHT.txt and the thirdparty/* license files for details.

About

[WIP Do NOT use] Godot with security improvements
