added checking for invalid/malicious packet size in network protocol

[rocksndiamonds.git] / src / netserv.c

diff --git a/src/netserv.c b/src/netserv.c
index eef7aa111e43466b56be71b44afa311e259b3c7f..73d35fb32de81a044726b4c0d008a274172cddee 100644 (file)
--- a/src/netserv.c
+++ b/src/netserv.c
@@ -187,6 +187,14 @@ static void increaseNetworkBuffer(struct NetworkBuffer *nb, int additional_size)
 int receiveNetworkBufferBytes(struct NetworkBuffer *nb, TCPsocket socket,
                             int num_bytes)
 {
+  if (num_bytes > MAX_PACKET_SIZE)
+  {
+    Error(ERR_NETWORK_SERVER, "protocol error: invalid packet size %d",
+         num_bytes);
+
+    return -1;
+  }
+
   if (nb->pos + num_bytes > nb->max_size)
     increaseNetworkBuffer(nb, num_bytes);