added checking for invalid/malicious packet size in network protocol

author Holger Schemel <info@artsoft.org>

Fri, 31 Aug 2018 06:46:03 +0000 (08:46 +0200)

committer Holger Schemel <info@artsoft.org>

Fri, 31 Aug 2018 06:46:03 +0000 (08:46 +0200)
author Holger Schemel <info@artsoft.org>
Fri, 31 Aug 2018 06:46:03 +0000 (08:46 +0200)
committer Holger Schemel <info@artsoft.org>
Fri, 31 Aug 2018 06:46:03 +0000 (08:46 +0200)
diff --git a/src/netserv.c b/src/netserv.c

index eef7aa111e43466b56be71b44afa311e259b3c7f..73d35fb32de81a044726b4c0d008a274172cddee 100644 (file)
--- a/src/netserv.c
+++ b/src/netserv.c
@@ -187,6 +187,14 @@ static void increaseNetworkBuffer(struct NetworkBuffer *nb, int additional_size)
  int receiveNetworkBufferBytes(struct NetworkBuffer *nb, TCPsocket socket,
                              int num_bytes)
  {
+  if (num_bytes > MAX_PACKET_SIZE)
+  {
+    Error(ERR_NETWORK_SERVER, "protocol error: invalid packet size %d",
+         num_bytes);
+
+    return -1;
+  }
+
    if (nb->pos + num_bytes > nb->max_size)
      increaseNetworkBuffer(nb, num_bytes);
  
diff --git a/src/netserv.h b/src/netserv.h

index baebb99c2298fb19ccc4ad8a281bfa4acf7c33db..ec24d34408403c56d9509ae12b76246d934d1d7c 100644 (file)
--- a/src/netserv.h
+++ b/src/netserv.h
@@ -36,6 +36,7 @@
  #define OP_LEVEL_FILE          14
  
  #define MAX_BUFFER_SIZE                4096
+#define MAX_PACKET_SIZE                1048576
  
  
  struct NetworkBuffer
author	Holger Schemel <info@artsoft.org>
	Fri, 31 Aug 2018 06:46:03 +0000 (08:46 +0200)
committer	Holger Schemel <info@artsoft.org>
	Fri, 31 Aug 2018 06:46:03 +0000 (08:46 +0200)
src/netserv.c		patch \| blob \| history
src/netserv.h		patch \| blob \| history