From 515e7028ac5121bc6a5205b12aae731eed630b05 Mon Sep 17 00:00:00 2001
From: kwolekr <kwolekr@minetest.net>
Date: Tue, 14 Jul 2015 03:22:16 -0400
Subject: Increase limit of serialized long strings

---
 src/util/serialize.cpp | 10 ++++++++--
 src/util/serialize.h   |  4 ++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/util/serialize.cpp b/src/util/serialize.cpp
index 120884d13..0d38b9608 100644
--- a/src/util/serialize.cpp
+++ b/src/util/serialize.cpp
@@ -126,6 +126,10 @@ std::wstring deSerializeWideString(std::istream &is)
 std::string serializeLongString(const std::string &plain)
 {
 	char buf[4];
+
+	if (plain.size() > LONG_STRING_MAX)
+		throw SerializationError("String too long for serializeLongString");
+
 	writeU32((u8*)&buf[0], plain.size());
 	std::string s;
 	s.append(buf, 4);
@@ -147,8 +151,10 @@ std::string deSerializeLongString(std::istream &is)
 		return s;
 
 	// We don't really want a remote attacker to force us to allocate 4GB...
-	if (s_size > LONG_STRING_MAX)
-		throw SerializationError("deSerializeLongString: string too long");
+	if (s_size > LONG_STRING_MAX) {
+		throw SerializationError("deSerializeLongString: "
+			"string too long: " + itos(s_size) + " bytes");
+	}
 
 	Buffer<char> buf2(s_size);
 	is.read(&buf2[0], s_size);
diff --git a/src/util/serialize.h b/src/util/serialize.h
index fcba90903..60f25d740 100644
--- a/src/util/serialize.h
+++ b/src/util/serialize.h
@@ -426,8 +426,8 @@ inline video::SColor readARGB8(std::istream &is)
 	More serialization stuff
 */
 
-// 8 MB is a conservative limit.  Increase later if problematic.
-#define LONG_STRING_MAX (8 * 1024 * 1024)
+// 64 MB ought to be enough for anybody - Billy G.
+#define LONG_STRING_MAX (64 * 1024 * 1024)
 
 // Creates a string with the length as the first two bytes
 std::string serializeString(const std::string &plain);
-- 
cgit v1.2.3