diff options
author | kwolekr <kwolekr@minetest.net> | 2015-08-10 02:16:55 -0400 |
---|---|---|
committer | kwolekr <kwolekr@minetest.net> | 2015-08-10 02:16:55 -0400 |
commit | 1c408c4f1df25ecec0dd8ea8b6cb00534e08bc66 (patch) | |
tree | c208ae58ae7ad8dbcb9b4824818103e25421d7e1 | |
parent | 18cfd89a86af550b3c4663def77a5fac46e895ae (diff) | |
download | minetest-1c408c4f1df25ecec0dd8ea8b6cb00534e08bc66.tar.gz minetest-1c408c4f1df25ecec0dd8ea8b6cb00534e08bc66.tar.bz2 minetest-1c408c4f1df25ecec0dd8ea8b6cb00534e08bc66.zip |
Make NetworkPacket respect serialized string size limits
-rw-r--r-- | src/network/networkpacket.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/network/networkpacket.cpp b/src/network/networkpacket.cpp index 0c5604872..b5e451cdb 100644 --- a/src/network/networkpacket.cpp +++ b/src/network/networkpacket.cpp @@ -85,7 +85,7 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst) { checkReadOffset(m_read_offset, 2); u16 strLen = readU16(&m_data[m_read_offset]); - m_read_offset += sizeof(u16); + m_read_offset += 2; dst.clear(); @@ -105,8 +105,8 @@ NetworkPacket& NetworkPacket::operator>>(std::string& dst) NetworkPacket& NetworkPacket::operator<<(std::string src) { u16 msgsize = src.size(); - if (msgsize > 0xFFFF) { - msgsize = 0xFFFF; + if (msgsize > STRING_MAX_LEN) { + throw PacketError("String too long"); } *this << msgsize; @@ -119,8 +119,8 @@ NetworkPacket& NetworkPacket::operator<<(std::string src) void NetworkPacket::putLongString(std::string src) { u32 msgsize = src.size(); - if (msgsize > 0xFFFFFFFF) { - msgsize = 0xFFFFFFFF; + if (msgsize > LONG_STRING_MAX_LEN) { + throw PacketError("String too long"); } *this << msgsize; @@ -155,8 +155,8 @@ NetworkPacket& NetworkPacket::operator>>(std::wstring& dst) NetworkPacket& NetworkPacket::operator<<(std::wstring src) { u16 msgsize = src.size(); - if (msgsize > 0xFFFF) { - msgsize = 0xFFFF; + if (msgsize > WIDE_STRING_MAX_LEN) { + throw PacketError("String too long"); } *this << msgsize; @@ -179,6 +179,10 @@ std::string NetworkPacket::readLongString() return ""; } + if (strLen > LONG_STRING_MAX_LEN) { + throw PacketError("String too long"); + } + checkReadOffset(m_read_offset, strLen); std::string dst; |