forked from Mirrorlandia_minetest/minetest
Make NetworkPacket respect serialized string size limits
This commit is contained in:
parent
18cfd89a86
commit
1c408c4f1d
@ -85,7 +85,7 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst)
|
|||||||
{
|
{
|
||||||
checkReadOffset(m_read_offset, 2);
|
checkReadOffset(m_read_offset, 2);
|
||||||
u16 strLen = readU16(&m_data[m_read_offset]);
|
u16 strLen = readU16(&m_data[m_read_offset]);
|
||||||
m_read_offset += sizeof(u16);
|
m_read_offset += 2;
|
||||||
|
|
||||||
dst.clear();
|
dst.clear();
|
||||||
|
|
||||||
@ -105,8 +105,8 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst)
|
|||||||
NetworkPacket& NetworkPacket::operator<<(std::string src)
|
NetworkPacket& NetworkPacket::operator<<(std::string src)
|
||||||
{
|
{
|
||||||
u16 msgsize = src.size();
|
u16 msgsize = src.size();
|
||||||
if (msgsize > 0xFFFF) {
|
if (msgsize > STRING_MAX_LEN) {
|
||||||
msgsize = 0xFFFF;
|
throw PacketError("String too long");
|
||||||
}
|
}
|
||||||
|
|
||||||
*this << msgsize;
|
*this << msgsize;
|
||||||
@ -119,8 +119,8 @@ NetworkPacket& NetworkPacket::operator<<(std::string src)
|
|||||||
void NetworkPacket::putLongString(std::string src)
|
void NetworkPacket::putLongString(std::string src)
|
||||||
{
|
{
|
||||||
u32 msgsize = src.size();
|
u32 msgsize = src.size();
|
||||||
if (msgsize > 0xFFFFFFFF) {
|
if (msgsize > LONG_STRING_MAX_LEN) {
|
||||||
msgsize = 0xFFFFFFFF;
|
throw PacketError("String too long");
|
||||||
}
|
}
|
||||||
|
|
||||||
*this << msgsize;
|
*this << msgsize;
|
||||||
@ -155,8 +155,8 @@ NetworkPacket& NetworkPacket::operator>>(std::wstring& dst)
|
|||||||
NetworkPacket& NetworkPacket::operator<<(std::wstring src)
|
NetworkPacket& NetworkPacket::operator<<(std::wstring src)
|
||||||
{
|
{
|
||||||
u16 msgsize = src.size();
|
u16 msgsize = src.size();
|
||||||
if (msgsize > 0xFFFF) {
|
if (msgsize > WIDE_STRING_MAX_LEN) {
|
||||||
msgsize = 0xFFFF;
|
throw PacketError("String too long");
|
||||||
}
|
}
|
||||||
|
|
||||||
*this << msgsize;
|
*this << msgsize;
|
||||||
@ -179,6 +179,10 @@ std::string NetworkPacket::readLongString()
|
|||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strLen > LONG_STRING_MAX_LEN) {
|
||||||
|
throw PacketError("String too long");
|
||||||
|
}
|
||||||
|
|
||||||
checkReadOffset(m_read_offset, strLen);
|
checkReadOffset(m_read_offset, strLen);
|
||||||
|
|
||||||
std::string dst;
|
std::string dst;
|
||||||
|
Loading…
Reference in New Issue
Block a user