From: Holger Schemel Date: Fri, 31 Aug 2018 06:46:03 +0000 (+0200) Subject: added checking for invalid/malicious packet size in network protocol X-Git-Tag: 4.1.1.0~45 X-Git-Url: https://git.artsoft.org/?a=commitdiff_plain;h=a3554a32c803528ed6837477982d7fddcf60072c;p=rocksndiamonds.git added checking for invalid/malicious packet size in network protocol --- diff --git a/src/netserv.c b/src/netserv.c index eef7aa11..73d35fb3 100644 --- a/src/netserv.c +++ b/src/netserv.c @@ -187,6 +187,14 @@ static void increaseNetworkBuffer(struct NetworkBuffer *nb, int additional_size) int receiveNetworkBufferBytes(struct NetworkBuffer *nb, TCPsocket socket, int num_bytes) { + if (num_bytes > MAX_PACKET_SIZE) + { + Error(ERR_NETWORK_SERVER, "protocol error: invalid packet size %d", + num_bytes); + + return -1; + } + if (nb->pos + num_bytes > nb->max_size) increaseNetworkBuffer(nb, num_bytes); diff --git a/src/netserv.h b/src/netserv.h index baebb99c..ec24d344 100644 --- a/src/netserv.h +++ b/src/netserv.h @@ -36,6 +36,7 @@ #define OP_LEVEL_FILE 14 #define MAX_BUFFER_SIZE 4096 +#define MAX_PACKET_SIZE 1048576 struct NetworkBuffer