From: kwolekr
Date: Mon, 10 Aug 2015 06:16:55 +0000 (-0400)
Subject: Make NetworkPacket respect serialized string size limits
X-Git-Tag: 0.4.13~26
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1c408c4f1df25ecec0dd8ea8b6cb00534e08bc66;p=oweals%2Fminetest.git
Make NetworkPacket respect serialized string size limits
---
diff --git a/src/network/networkpacket.cpp b/src/network/networkpacket.cpp
index 0c5604872..b5e451cdb 100644
--- a/src/network/networkpacket.cpp
+++ b/src/network/networkpacket.cpp
@@ -85,7 +85,7 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst)
 {
 checkReadOffset(m_read_offset, 2);
 u16 strLen = readU16(&m_data[m_read_offset]);
- m_read_offset += sizeof(u16);
+ m_read_offset += 2;
 dst.clear();
@@ -105,8 +105,8 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst)
 NetworkPacket& NetworkPacket::operator<<(std::string src)
 {
 u16 msgsize = src.size();
- if (msgsize > 0xFFFF) {
- msgsize = 0xFFFF;
+ if (msgsize > STRING_MAX_LEN) {
+ throw PacketError("String too long");
 }
 *this << msgsize;
@@ -119,8 +119,8 @@ NetworkPacket& NetworkPacket::operator<<(std::string src)
 void NetworkPacket::putLongString(std::string src)
 {
 u32 msgsize = src.size();
- if (msgsize > 0xFFFFFFFF) {
- msgsize = 0xFFFFFFFF;
+ if (msgsize > LONG_STRING_MAX_LEN) {
+ throw PacketError("String too long");
 }
 *this << msgsize;
@@ -155,8 +155,8 @@ NetworkPacket& NetworkPacket::operator>>(std::wstring& dst)
 NetworkPacket& NetworkPacket::operator<<(std::wstring src)
 {
 u16 msgsize = src.size();
- if (msgsize > 0xFFFF) {
- msgsize = 0xFFFF;
+ if (msgsize > WIDE_STRING_MAX_LEN) {
+ throw PacketError("String too long");
 }
 *this << msgsize;
@@ -179,6 +179,10 @@ std::string NetworkPacket::readLongString()
 return "";
 }
+ if (strLen > LONG_STRING_MAX_LEN) {
+ throw PacketError("String too long");
+ }
+
 checkReadOffset(m_read_offset, strLen);
 std::string dst;
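Review bot: In `operator<<(std::string src)` the new limit check tests `msgsize` after `u16 msgsize = src.size();` has already narrowed the size, so a string longer than the `u16` range wraps before the comparison and the throw can be skipped. The limit constants are defined outside this diff; if `STRING_MAX_LEN` is at or above the `u16` maximum the branch is unreachable, and the length prefix written by `*this << msgsize;` would presumably no longer match the payload. Compare the untruncated size first, `if (src.size() > STRING_MAX_LEN) throw PacketError("String too long");`, and only then assign `u16 msgsize = src.size();`. The same narrowing-before-check pattern is in the `putLongString` hunk (`u32 msgsize`) and the `operator<<(std::wstring src)` hunk (`u16 msgsize`). All three function bodies continue outside their hunks.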
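Review bot: The received-length check is added only in `readLongString`; the `operator>>(std::wstring& dst)` reader that appears in the `-155` hunk header is not touched by this commit. Its body is outside the visible hunks, but if `WIDE_STRING_MAX_LEN` is below the `u16` range, a length prefix above the limit would still be accepted on the read side while the write side now rejects it. A one-line comment above the new check, such as `// strLen is taken from the packet; reject it before checkReadOffset and any allocation`, would record why the check sits where it does. `readLongString` starts and ends outside the hunk.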