dave/openttd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix length checks in network packet send/recv binary

Browse Source
This commit is contained in:
Jonathan G Rennison
2019-05-21 18:55:54 +01:00
parent 5a9790a196
commit dc357c9239
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/network/core/packet.cpp
View File

@@ -168,7 +168,7 @@ void Packet::Send_string(const char *data)
void Packet::Send_binary(const char *data, const size_t size) void Packet::Send_binary(const char *data, const size_t size)
{ {
assert(data != nullptr); assert(data != nullptr);
assert(size < MAX_CMD_TEXT_LENGTH); assert(this->size + size <= SHRT_MAX);
memcpy(&this->buffer[this->size], data, size); memcpy(&this->buffer[this->size], data, size);
this->size += (PacketSize) size; this->size += (PacketSize) size;
} }
@@ -351,8 +351,7 @@ void Packet::Recv_string(std::string &buffer, StringValidationSettings settings)
*/ */
void Packet::Recv_binary(char *buffer, size_t size) void Packet::Recv_binary(char *buffer, size_t size)
{ {
/* Don't allow reading from a closed socket */ if (!this->CanReadFromPacket(size)) return;
if (cs->HasClientQuit()) return;
memcpy(buffer, &this->buffer[this->pos], size); memcpy(buffer, &this->buffer[this->pos], size);
this->pos += (PacketSize) size; this->pos += (PacketSize) size;
@@ -365,8 +364,7 @@ void Packet::Recv_binary(char *buffer, size_t size)
*/ */
void Packet::Recv_binary(std::string &buffer, size_t size) void Packet::Recv_binary(std::string &buffer, size_t size)
{ {
/* Don't allow reading from a closed socket */ if (!this->CanReadFromPacket(size)) return;
if (cs->HasClientQuit()) return;
buffer.assign((const char *) &this->buffer[this->pos], size); buffer.assign((const char *) &this->buffer[this->pos], size);
this->pos += (PacketSize) size; this->pos += (PacketSize) size;