diff options
| author | oy <Tom_Adams@web.de> | 2016-11-04 18:43:31 +0100 |
|---|---|---|
| committer | oy <Tom_Adams@web.de> | 2016-11-04 18:43:31 +0100 |
| commit | ff254722a2683867fcb3e67569ffd36226c4bc62 (patch) | |
| tree | 63020693cf75c76e895de2f1fe1c903ec078da56 | |
| parent | 3e1d02283896d4b03e1ab9f9ef20ce4c30c8a0cd (diff) | |
added some checks to snap handling0.6.4-release
| -rw-r--r-- | src/engine/client/client.cpp | 2 | ||||
| -rw-r--r-- | src/engine/shared/snapshot.h | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/src/engine/client/client.cpp b/src/engine/client/client.cpp index c5e147594..fe4b27b78 100644 --- a/src/engine/client/client.cpp +++ b/src/engine/client/client.cpp @@ -1239,7 +1239,7 @@ void CClient::ProcessServerPacket(CNetChunk *pPacket) pData = (const char *)Unpacker.GetRaw(PartSize); - if(Unpacker.Error()) + if(Unpacker.Error() || NumParts < 1 || NumParts > CSnapshot::MAX_PARTS || Part < 0 | Part >= NumParts || PartSize < 0 || PartSize > MAX_SNAPSHOT_PACKSIZE) return; if(GameTick >= m_CurrentRecvTick) diff --git a/src/engine/shared/snapshot.h b/src/engine/shared/snapshot.h index 07d1be609..7438e2fa2 100644 --- a/src/engine/shared/snapshot.h +++ b/src/engine/shared/snapshot.h @@ -31,7 +31,8 @@ class CSnapshot public: enum { - MAX_SIZE=64*1024 + MAX_PARTS = 64, + MAX_SIZE = MAX_PARTS*1024 }; void Clear() { m_DataSize = 0; m_NumItems = 0; } |