Make NetworkPacket respect serialized string size limits

This commit is contained in:
kwolekr 2015-08-10 02:16:55 -04:00
parent 18cfd89a86
commit 1c408c4f1d

@ -85,7 +85,7 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst)
{ {
checkReadOffset(m_read_offset, 2); checkReadOffset(m_read_offset, 2);
u16 strLen = readU16(&m_data[m_read_offset]); u16 strLen = readU16(&m_data[m_read_offset]);
m_read_offset += sizeof(u16); m_read_offset += 2;
dst.clear(); dst.clear();
@ -105,8 +105,8 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst)
NetworkPacket& NetworkPacket::operator<<(std::string src) NetworkPacket& NetworkPacket::operator<<(std::string src)
{ {
u16 msgsize = src.size(); u16 msgsize = src.size();
if (msgsize > 0xFFFF) { if (msgsize > STRING_MAX_LEN) {
msgsize = 0xFFFF; throw PacketError("String too long");
} }
*this << msgsize; *this << msgsize;
@ -119,8 +119,8 @@ NetworkPacket& NetworkPacket::operator<<(std::string src)
void NetworkPacket::putLongString(std::string src) void NetworkPacket::putLongString(std::string src)
{ {
u32 msgsize = src.size(); u32 msgsize = src.size();
if (msgsize > 0xFFFFFFFF) { if (msgsize > LONG_STRING_MAX_LEN) {
msgsize = 0xFFFFFFFF; throw PacketError("String too long");
} }
*this << msgsize; *this << msgsize;
@ -155,8 +155,8 @@ NetworkPacket& NetworkPacket::operator>>(std::wstring& dst)
NetworkPacket& NetworkPacket::operator<<(std::wstring src) NetworkPacket& NetworkPacket::operator<<(std::wstring src)
{ {
u16 msgsize = src.size(); u16 msgsize = src.size();
if (msgsize > 0xFFFF) { if (msgsize > WIDE_STRING_MAX_LEN) {
msgsize = 0xFFFF; throw PacketError("String too long");
} }
*this << msgsize; *this << msgsize;
@ -179,6 +179,10 @@ std::string NetworkPacket::readLongString()
return ""; return "";
} }
if (strLen > LONG_STRING_MAX_LEN) {
throw PacketError("String too long");
}
checkReadOffset(m_read_offset, strLen); checkReadOffset(m_read_offset, strLen);
std::string dst; std::string dst;