diff options
| author | Magnus Auvinen <magnus.auvinen@gmail.com> | 2008-02-24 16:03:58 +0000 |
|---|---|---|
| committer | Magnus Auvinen <magnus.auvinen@gmail.com> | 2008-02-24 16:03:58 +0000 |
| commit | 4739966e14ca2df24d4f44fb814b6275b9bf2a3c (patch) | |
| tree | 2398dee3380dfa48582a71a4f2d4278448fa6cb8 /src/engine/e_network.c | |
| parent | 1ea859c431b33a384727c0016917dde15bceeff3 (diff) | |
| download | zcatch-4739966e14ca2df24d4f44fb814b6275b9bf2a3c.tar.gz zcatch-4739966e14ca2df24d4f44fb814b6275b9bf2a3c.zip | |
larger restructure to improve security
Diffstat (limited to 'src/engine/e_network.c')
| -rw-r--r-- | src/engine/e_network.c | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/src/engine/e_network.c b/src/engine/e_network.c index acf723ba..9211726f 100644 --- a/src/engine/e_network.c +++ b/src/engine/e_network.c @@ -54,7 +54,6 @@ typedef struct unsigned char *data; } NETPACKETDATA; - static void send_packet(NETSOCKET socket, NETADDR4 *addr, NETPACKETDATA *packet) { unsigned char buffer[NETWORK_MAX_PACKET_SIZE]; @@ -356,7 +355,18 @@ static int conn_feed(NETCONNECTION *conn, NETPACKETDATA *p, NETADDR4 *addr) conn->remote_closed = 1; if(p->data_size) - conn_set_error(conn, (char *)p->data); + { + /* make sure to sanitize the error string form the other party*/ + char str[128]; + if(p->data_size < 128) + str_copy(str, (char *)p->data, p->data_size); + else + str_copy(str, (char *)p->data, 128); + str_sanitize_strong(str); + + /* set the error string */ + conn_set_error(conn, str); + } else conn_set_error(conn, "no reason given"); if(config.debug) @@ -739,7 +749,7 @@ int netserver_recv(NETSERVER *s, NETPACKET *packet) else { /* errornous packet, drop it */ - dbg_msg("server", "crazy packet"); + /* dbg_msg("server", "crazy packet"); */ } /* read header */ @@ -751,7 +761,11 @@ int netserver_recv(NETSERVER *s, NETPACKET *packet) int netserver_send(NETSERVER *s, NETPACKET *packet) { - dbg_assert(packet->data_size < NETWORK_MAX_PAYLOAD, "packet payload too big"); + if(packet->data_size >= NETWORK_MAX_PAYLOAD) + { + dbg_msg("netserver", "packet payload too big. %d. dropping packet", packet->data_size); + return -1; + } if(packet->flags&PACKETFLAG_CONNLESS) { @@ -898,7 +912,11 @@ int netclient_recv(NETCLIENT *c, NETPACKET *packet) int netclient_send(NETCLIENT *c, NETPACKET *packet) { - dbg_assert(packet->data_size < NETWORK_MAX_PAYLOAD, "packet payload too big"); + if(packet->data_size >= NETWORK_MAX_PAYLOAD) + { + dbg_msg("netclient", "packet payload too big. %d. dropping packet", packet->data_size); + return -1; + } if(packet->flags&PACKETFLAG_CONNLESS) { |