Skip to content
Browse files

Merge pull request #3535 from chrisforbes/lobby-robustness

restrict packet size to 4K in server
  • Loading branch information...
2 parents 54bdaa1 + edb08d6 commit 9746b53cb6a53568f4b124027e8c7ef19730bf2a @pchote pchote committed Jul 11, 2013
Showing with 9 additions and 1 deletion.
  1. +9 −1 OpenRA.Game/Server/Connection.cs
View
10 OpenRA.Game/Server/Connection.cs
@@ -25,6 +25,7 @@ public class Connection
public int ExpectLength = 8;
public int Frame = 0;
public int MostRecentFrame = 0;
+ public const int MaxOrderLength = 4096;
/* client data */
public int PlayerIndex;
@@ -65,7 +66,7 @@ bool ReadDataInner(Server server)
if (e.SocketErrorCode == SocketError.WouldBlock) break;
server.DropClient(this);
- Log.Write("server", "Dropping client {0} because reading the data failed: {1}", this.PlayerIndex.ToString(), e);
+ Log.Write("server", "Dropping client {0} because reading the data failed: {1}", PlayerIndex, e);
return false;
}
}
@@ -86,6 +87,13 @@ public void ReadData(Server server)
ExpectLength = BitConverter.ToInt32(bytes, 0) - 4;
Frame = BitConverter.ToInt32(bytes, 4);
State = ReceiveState.Data;
+
+ if (ExpectLength < 0 || ExpectLength > MaxOrderLength)
+ {
+ server.DropClient(this);
+ Log.Write("server", "Dropping client {0} for excessive order length = {1}", PlayerIndex, ExpectLength);
+ return;
+ }
} break;
case ReceiveState.Data:

0 comments on commit 9746b53

Please sign in to comment.
Something went wrong with that request. Please try again.