From a3554a32c803528ed6837477982d7fddcf60072c Mon Sep 17 00:00:00 2001
From: Holger Schemel <info@artsoft.org>
Date: Fri, 31 Aug 2018 08:46:03 +0200
Subject: [PATCH 1/1] added checking for invalid/malicious packet size in
 network protocol

---
 src/netserv.c | 8 ++++++++
 src/netserv.h | 1 +
 2 files changed, 9 insertions(+)

diff --git a/src/netserv.c b/src/netserv.c
index eef7aa11..73d35fb3 100644
--- a/src/netserv.c
+++ b/src/netserv.c
@@ -187,6 +187,14 @@ static void increaseNetworkBuffer(struct NetworkBuffer *nb, int additional_size)
 int receiveNetworkBufferBytes(struct NetworkBuffer *nb, TCPsocket socket,
 			     int num_bytes)
 {
+  if (num_bytes > MAX_PACKET_SIZE)
+  {
+    Error(ERR_NETWORK_SERVER, "protocol error: invalid packet size %d",
+	  num_bytes);
+
+    return -1;
+  }
+
   if (nb->pos + num_bytes > nb->max_size)
     increaseNetworkBuffer(nb, num_bytes);
 
diff --git a/src/netserv.h b/src/netserv.h
index baebb99c..ec24d344 100644
--- a/src/netserv.h
+++ b/src/netserv.h
@@ -36,6 +36,7 @@
 #define OP_LEVEL_FILE		14
 
 #define MAX_BUFFER_SIZE		4096
+#define MAX_PACKET_SIZE		1048576
 
 
 struct NetworkBuffer
-- 
2.34.1