Increase limit of serialized long strings

diff --git a/src/util/serialize.cpp b/src/util/serialize.cpp
index 120884d138651209e2019c35bbcaadf1a40564c6..0d38b960866c157fc1ac01683e4a27a6058300a6 100644 (file)
--- a/src/util/serialize.cpp
+++ b/src/util/serialize.cpp
@@ -126,6 +126,10 @@ std::wstring deSerializeWideString(std::istream &is)
 std::string serializeLongString(const std::string &plain)
 {
        char buf[4];
+
+       if (plain.size() > LONG_STRING_MAX)
+               throw SerializationError("String too long for serializeLongString");
+
        writeU32((u8*)&buf[0], plain.size());
        std::string s;
        s.append(buf, 4);
@@ -147,8 +151,10 @@ std::string deSerializeLongString(std::istream &is)
                return s;
 
        // We don't really want a remote attacker to force us to allocate 4GB...
-       if (s_size > LONG_STRING_MAX)
-               throw SerializationError("deSerializeLongString: string too long");
+       if (s_size > LONG_STRING_MAX) {
+               throw SerializationError("deSerializeLongString: "
+                       "string too long: " + itos(s_size) + " bytes");
+       }
 
        Buffer<char> buf2(s_size);
        is.read(&buf2[0], s_size);

diff --git a/src/util/serialize.h b/src/util/serialize.h
index fcba9090306c2988b599ff62a67d781e61d5969e..60f25d7403cfb3c7cc51629ea5e3be338e686069 100644 (file)
--- a/src/util/serialize.h
+++ b/src/util/serialize.h
@@ -426,8 +426,8 @@ inline video::SColor readARGB8(std::istream &is)
        More serialization stuff
 */
 
-// 8 MB is a conservative limit.  Increase later if problematic.
-#define LONG_STRING_MAX (8 * 1024 * 1024)
+// 64 MB ought to be enough for anybody - Billy G.
+#define LONG_STRING_MAX (64 * 1024 * 1024)
 
 // Creates a string with the length as the first two bytes
 std::string serializeString(const std::string &plain);