Implement proper bounds checks across the codebase (#681)

* Implement proper bounds checks across the codebase

* Implement strnlen_s for cross platform
This commit is contained in:
Jett 2022-07-27 02:52:04 +01:00 committed by GitHub
parent 9813c3ed2c
commit 9e08bb20d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 18 additions and 8 deletions

View File

@ -26,6 +26,13 @@ dLogger::~dLogger() {
} }
void dLogger::vLog(const char* format, va_list args) { void dLogger::vLog(const char* format, va_list args) {
const char* tempPtr = format; // strlen_s implementation for Linux and Windows
for (; *tempPtr != '\0'; ++tempPtr) {
size_t size = tempPtr - format;
if (size > 600) {
return;
}
}
#ifdef _WIN32 #ifdef _WIN32
time_t t = time(NULL); time_t t = time(NULL);
struct tm time; struct tm time;

View File

@ -46,17 +46,20 @@ int64_t PacketUtils::ReadPacketS64(uint32_t startLoc, Packet * packet) {
return *(int64_t*)t.data(); return *(int64_t*)t.data();
} }
std::string PacketUtils::ReadString(uint32_t startLoc, Packet* packet, bool wide) { std::string PacketUtils::ReadString(uint32_t startLoc, Packet* packet, bool wide, uint32_t maxLen) {
std::string readString = ""; std::string readString = "";
if (wide) maxLen *= 2;
if (packet->length > startLoc) { if (packet->length > startLoc) {
uint32_t i = 0; uint32_t i = 0;
while (packet->data[startLoc + i] != '\0' && packet->length > (uint32_t)(startLoc + i)) { while (packet->data[startLoc + i] != '\0' && packet->length > (uint32_t)(startLoc + i) && maxLen > i) {
readString.push_back(packet->data[startLoc + i]); readString.push_back(packet->data[startLoc + i]);
if (wide) { if (wide) {
i += 2; // Wide-char string i += 2; // Wide-char string
} else { }
else {
i++; // Regular string i++; // Regular string
} }
} }

View File

@ -11,7 +11,7 @@ namespace PacketUtils {
uint32_t ReadPacketU32(uint32_t startLoc, Packet * packet); uint32_t ReadPacketU32(uint32_t startLoc, Packet * packet);
uint64_t ReadPacketU64(uint32_t startLoc, Packet * packet); uint64_t ReadPacketU64(uint32_t startLoc, Packet * packet);
int64_t ReadPacketS64(uint32_t startLoc, Packet * packet); int64_t ReadPacketS64(uint32_t startLoc, Packet * packet);
std::string ReadString(uint32_t startLoc, Packet * packet, bool wide); std::string ReadString(uint32_t startLoc, Packet * packet, bool wide, uint32_t maxLen = 33);
void WritePacketString(const std::string& string, uint32_t maxSize, RakNet::BitStream * bitStream); void WritePacketString(const std::string& string, uint32_t maxSize, RakNet::BitStream * bitStream);
void WriteString(RakNet::BitStream& bitStream, const std::string& s, uint32_t maxSize); void WriteString(RakNet::BitStream& bitStream, const std::string& s, uint32_t maxSize);