From a013f762c4c9b39a1d143ee1b68e6d8e86dcee22 Mon Sep 17 00:00:00 2001
From: Kahrl <kahrl@gmx.net>
Date: Thu, 4 Jul 2013 06:18:50 +0200
Subject: Throw exception instead of assert on nested reliable packets

Fixes a denial of service vulnerability, issue #784
---
 src/connection.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/connection.cpp b/src/connection.cpp
index b94df5e82..dd7ff597b 100644
--- a/src/connection.cpp
+++ b/src/connection.cpp
@@ -1436,7 +1436,8 @@ SharedBuffer<u8> Connection::processPacket(Channel *channel,
 	else if(type == TYPE_RELIABLE)
 	{
 		// Recursive reliable packets not allowed
-		assert(reliable == false);
+		if(reliable)
+			throw InvalidIncomingDataException("Found nested reliable packets");
 
 		if(packetdata.getSize() < RELIABLE_HEADER_SIZE)
 			throw InvalidIncomingDataException
-- 
cgit v1.2.3