mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-26 07:37:02 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[8378] Use exceptions instead of explicit size checking for each packet

Browse source 
CHECK_PACKET_SIZE was pretty error prone; once it was forgotten mangosd
could crash due to the asserts in ByteBuffer.h. That was exploitable by
malicious players.
Furthermore, there were duplicate checks: Additionally to
CHECK_PACKET_SIZE, the ByteBuffer assertions keept an eye
on not exceeding the packet boundaries - just to crash the server for
sure in such a case.
To prevent memory leaks or other undesirable states, please read in
every handler all variables _before_ doing any concrete handling.
This commit is contained in:
arrai 2009-08-15 22:06:35 +02:00
parent c26c7395a1
commit a24f39a36f
32 changed files with 129 additions and 741 deletions
Download patch file Download diff file Expand all files Collapse all files

68
src/game/ChannelHandler.cpp
View file

@ -22,8 +22,6 @@
void WorldSession::HandleJoinChannel(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 4+1+1+1);
uint32 channel_id;
uint8 unknown1, unknown2;
@ -35,9 +33,6 @@ void WorldSession::HandleJoinChannel(WorldPacket& recvPacket)
if(channelname.empty())
return;
// recheck
CHECK_PACKET_SIZE(recvPacket, 4+1+1+(channelname.size()+1)+1);
recvPacket >> pass;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
if(Channel *chn = cMgr->GetJoinChannel(channelname, channel_id))
@ -48,7 +43,6 @@ void WorldSession::HandleLeaveChannel(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 4+1);
uint32 unk;
std::string channelname;
@ -70,8 +64,6 @@ void WorldSession::HandleChannelList(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
@ -84,14 +76,9 @@ void WorldSession::HandleChannelPassword(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, pass;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> pass;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
@ -103,14 +90,9 @@ void WorldSession::HandleChannelSetOwner(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, newp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> newp;
if(!normalizePlayerName(newp))
@ -125,8 +107,6 @@ void WorldSession::HandleChannelOwner(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
@ -138,14 +118,9 @@ void WorldSession::HandleChannelModerator(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -160,14 +135,9 @@ void WorldSession::HandleChannelUnmoderator(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -182,14 +152,9 @@ void WorldSession::HandleChannelMute(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -204,14 +169,10 @@ void WorldSession::HandleChannelUnmute(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -226,14 +187,9 @@ void WorldSession::HandleChannelInvite(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -248,14 +204,9 @@ void WorldSession::HandleChannelKick(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
return;
@ -269,14 +220,9 @@ void WorldSession::HandleChannelBan(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -291,14 +237,10 @@ void WorldSession::HandleChannelUnban(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1+1);
std::string channelname, otp;
recvPacket >> channelname;
// recheck
CHECK_PACKET_SIZE(recvPacket, (channelname.size()+1)+1);
recvPacket >> otp;
if(!normalizePlayerName(otp))
@ -313,8 +255,6 @@ void WorldSession::HandleChannelAnnouncements(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
@ -326,8 +266,6 @@ void WorldSession::HandleChannelModerate(WorldPacket& recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
@ -339,8 +277,6 @@ void WorldSession::HandleChannelDisplayListQuery(WorldPacket &recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
@ -352,8 +288,6 @@ void WorldSession::HandleGetChannelMemberCount(WorldPacket &recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))
@ -373,8 +307,6 @@ void WorldSession::HandleSetChannelWatch(WorldPacket &recvPacket)
{
sLog.outDebug("Opcode %u", recvPacket.GetOpcode());
//recvPacket.hexlike();
CHECK_PACKET_SIZE(recvPacket, 1);
std::string channelname;
recvPacket >> channelname;
/*if(ChannelMgr* cMgr = channelMgr(_player->GetTeam()))