mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-15 01:37:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[8378] Use exceptions instead of explicit size checking for each packet

Browse source 
CHECK_PACKET_SIZE was pretty error prone; once it was forgotten mangosd
could crash due to the asserts in ByteBuffer.h. That was exploitable by
malicious players.
Furthermore, there were duplicate checks: Additionally to
CHECK_PACKET_SIZE, the ByteBuffer assertions keept an eye
on not exceeding the packet boundaries - just to crash the server for
sure in such a case.
To prevent memory leaks or other undesirable states, please read in
every handler all variables _before_ doing any concrete handling.
This commit is contained in:
arrai 2009-08-15 22:06:35 +02:00
parent c26c7395a1
commit a24f39a36f
32 changed files with 129 additions and 741 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/game/MovementHandler.cpp
View file

@ -160,8 +160,6 @@ void WorldSession::HandleMoveWorldportAckOpcode()
void WorldSession::HandleMoveTeleportAck(WorldPacket& recv_data)
{
CHECK_PACKET_SIZE(recv_data, 8+4+4);
sLog.outDebug("MSG_MOVE_TELEPORT_ACK");
uint64 guid;
uint32 flags, time;
@ -343,8 +341,6 @@ void WorldSession::HandleForceSpeedChangeAck(WorldPacket &recv_data)
{
sLog.outDebug("WORLD: Recvd %s (%u, 0x%X) opcode", LookupOpcodeName(recv_data.GetOpcode()), recv_data.GetOpcode(), recv_data.GetOpcode());
CHECK_PACKET_SIZE(recv_data, recv_data.rpos()+8+4);
/* extract packet */
uint64 guid;
uint32 unk1;
@ -363,9 +359,6 @@ void WorldSession::HandleForceSpeedChangeAck(WorldPacket &recv_data)
MovementInfo movementInfo;
ReadMovementInfo(recv_data, &movementInfo);
// recheck
CHECK_PACKET_SIZE(recv_data, recv_data.rpos()+4);
recv_data >> newspeed;
/*----------------*/
@ -424,8 +417,6 @@ void WorldSession::HandleSetActiveMoverOpcode(WorldPacket &recv_data)
sLog.outDebug("WORLD: Recvd CMSG_SET_ACTIVE_MOVER");
recv_data.hexlike();
CHECK_PACKET_SIZE(recv_data, 8);
uint64 guid;
recv_data >> guid;
@ -441,8 +432,6 @@ void WorldSession::HandleMoveNotActiveMover(WorldPacket &recv_data)
sLog.outDebug("WORLD: Recvd CMSG_MOVE_NOT_ACTIVE_MOVER");
recv_data.hexlike();
CHECK_PACKET_SIZE(recv_data, recv_data.rpos()+8);
uint64 old_mover_guid;
recv_data >> old_mover_guid;
@ -491,7 +480,6 @@ void WorldSession::HandleMountSpecialAnimOpcode(WorldPacket& /*recvdata*/)
void WorldSession::HandleMoveKnockBackAck( WorldPacket & /*recv_data*/ )
{
// CHECK_PACKET_SIZE(recv_data,?);
sLog.outDebug("CMSG_MOVE_KNOCK_BACK_ACK");
// Currently not used but maybe use later for recheck final player position
// (must be at call same as into "recv_data >> x >> y >> z >> orientation;"
@ -531,8 +519,6 @@ void WorldSession::HandleMoveWaterWalkAck(WorldPacket& /*recv_data*/)
void WorldSession::HandleSummonResponseOpcode(WorldPacket& recv_data)
{
CHECK_PACKET_SIZE(recv_data, 8+1);
if(!_player->isAlive() || _player->isInCombat() )
return;