Mirrored_Repos/DarkflameServer
1
0
Fork 0
mirror of https://github.com/DarkflameUniverse/DarkflameServer.git synced 2026-06-02 21:04:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: security fixes (#1974)

Browse Source 
* fix: security fixes

dont print passwords for worlds
bound strings from clients
actually enable encryption between rakpeers
dont allow underflow when reading a string

Tested that packets are encrypted
tested that models can still be built
tested that combat still works

* add check

* use c++ nullptr instead of NULL

* initialize to 0

* globalize constant (should be in a namespace at least in the future)

* Update GameMessages.cpp

* check bounds
This commit is contained in:
David Markowitz
2026-05-17 12:21:22 -07:00
committed by GitHub
parent 67bbe4c1f0
commit f5d33a773a
13 changed files with 43 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
dNet/ClientPackets.cpp
View File

@@ -11,14 +11,16 @@ ChatMessage ClientPackets::HandleChatMessage(Packet* packet) {
CINSTREAM_SKIP_HEADER;
ChatMessage message;
uint32_t messageLength;
int32_t messageLength{};
inStream.Read(message.chatChannel);
inStream.Read(message.unknown);
inStream.Read(messageLength);
for (uint32_t i = 0; i < (messageLength - 1); ++i) {
uint16_t character;
if (messageLength > MAX_MESSAGE_LENGTH || messageLength < 0) return message;
for (int32_t i = 0; i < (messageLength - 1); ++i) {
char16_t character;
inStream.Read(character);
message.message.push_back(character);
}