diff options
author | kwolekr <kwolekr@minetest.net> | 2015-07-14 03:22:16 -0400 |
---|---|---|
committer | kwolekr <kwolekr@minetest.net> | 2015-07-14 03:22:16 -0400 |
commit | 515e7028ac5121bc6a5205b12aae731eed630b05 (patch) | |
tree | 4e804f085ad81ef19907630086db01e54c4d57c3 /src/util/serialize.cpp | |
parent | 5006ce82609b2260f191b132f2dabcfdb06d6e20 (diff) | |
download | minetest-515e7028ac5121bc6a5205b12aae731eed630b05.tar.gz minetest-515e7028ac5121bc6a5205b12aae731eed630b05.tar.bz2 minetest-515e7028ac5121bc6a5205b12aae731eed630b05.zip |
Increase limit of serialized long strings
Diffstat (limited to 'src/util/serialize.cpp')
-rw-r--r-- | src/util/serialize.cpp | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/util/serialize.cpp b/src/util/serialize.cpp index 120884d13..0d38b9608 100644 --- a/src/util/serialize.cpp +++ b/src/util/serialize.cpp @@ -126,6 +126,10 @@ std::wstring deSerializeWideString(std::istream &is) std::string serializeLongString(const std::string &plain) { char buf[4]; + + if (plain.size() > LONG_STRING_MAX) + throw SerializationError("String too long for serializeLongString"); + writeU32((u8*)&buf[0], plain.size()); std::string s; s.append(buf, 4); @@ -147,8 +151,10 @@ std::string deSerializeLongString(std::istream &is) return s; // We don't really want a remote attacker to force us to allocate 4GB... - if (s_size > LONG_STRING_MAX) - throw SerializationError("deSerializeLongString: string too long"); + if (s_size > LONG_STRING_MAX) { + throw SerializationError("deSerializeLongString: " + "string too long: " + itos(s_size) + " bytes"); + } Buffer<char> buf2(s_size); is.read(&buf2[0], s_size); |