Skip to content

Commit

Permalink
fix slow code, add bounds checks
Browse files Browse the repository at this point in the history 
Tested that players with valid names up to the usual 33 character max are still added to the player container
Tested that you can still team with <= 4 players on a team
Tested that chat server no longer crashes with a bad memberSize variable
asserted that InsertPlayer is indeed much faster now and is no longer a slow point of ChatServer
  • Loading branch information
@EmosewaMC
EmosewaMC committed May 31, 2024
1 parent 342da92 commit d809d95
Showing 1 changed file with 15 additions and 7 deletions.
22 changes: 15 additions & 7 deletions dChatServer/PlayerContainer.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,16 +36,19 @@ void PlayerContainer::InsertPlayer(Packet* packet) {
data.playerID = playerId;

uint32_t len;
inStream.Read<uint32_t>(len);
if (!inStream.Read<uint32_t>(len)) return;

for (int i = 0; i < len; i++) {
char character; inStream.Read<char>(character);
data.playerName += character;
if (len > 33) {
LOG("Received a really long player name, probably a fake packet %i.", len);
return;
}

inStream.Read(data.zoneID);
inStream.Read(data.muteExpire);
inStream.Read(data.gmLevel);
data.playerName.resize(len);
inStream.ReadAlignedBytes(reinterpret_cast<unsigned char*>(data.playerName.data()), len);

if (!inStream.Read(data.zoneID)) return;
if (!inStream.Read(data.muteExpire)) return;
if (!inStream.Read(data.gmLevel)) return;
data.sysAddr = packet->systemAddress;

m_Names[data.playerID] = GeneralUtils::UTF8ToUTF16(data.playerName);
Expand Down Expand Up @@ -122,6 +125,11 @@ void PlayerContainer::CreateTeamServer(Packet* packet) {
size_t membersSize = 0;
inStream.Read(membersSize);

if (membersSize >= 4) {
LOG("Tried to create a team with more than 4 players");
return;
}

std::vector<LWOOBJID> members;

members.reserve(membersSize);
Expand Down

0 comments on commit d809d95

Please sign in to comment.