[8378] Use exceptions instead of explicit size checking for each packet Author: arrai

CHECK_PACKET_SIZE was pretty error prone; once it was forgotten mangosd
    could crash due to the asserts in ByteBuffer.h. That was exploitable by
    malicious players.
    Furthermore, there were duplicate checks: in addition to
    CHECK_PACKET_SIZE, the ByteBuffer assertions kept an eye
    on not exceeding the packet boundaries - just to crash the server for
    sure in such a case.
    To prevent memory leaks or other undesirable states, please read in
    every handler all variables _before_ doing any concrete handling.

--HG--
branch : trunk
This commit is contained in:
megamage
2009-08-19 16:26:22 -05:00
parent d9ed49749d
commit e954904e6d
30 changed files with 128 additions and 739 deletions


@@ -185,16 +185,11 @@ void WorldSession::HandleCharEnumOpcode( WorldPacket & /*recv_data*/ )
void WorldSession::HandleCharCreateOpcode( WorldPacket & recv_data )
{
CHECK_PACKET_SIZE(recv_data,1+1+1+1+1+1+1+1+1+1);
std::string name;
uint8 race_,class_;
recv_data >> name;
// recheck with known string size
CHECK_PACKET_SIZE(recv_data,(name.size()+1)+1+1+1+1+1+1+1+1+1);
recv_data >> race_;
recv_data >> class_;
@@ -479,8 +474,6 @@ void WorldSession::HandleCharCreateOpcode( WorldPacket & recv_data )
void WorldSession::HandleCharDeleteOpcode( WorldPacket & recv_data )
{
CHECK_PACKET_SIZE(recv_data,8);
uint64 guid;
recv_data >> guid;
@@ -541,8 +534,6 @@ void WorldSession::HandleCharDeleteOpcode( WorldPacket & recv_data )
void WorldSession::HandlePlayerLoginOpcode( WorldPacket & recv_data )
{
CHECK_PACKET_SIZE(recv_data,8);
if(PlayerLoading() || GetPlayer() != NULL)
{
sLog.outError("Player tryes to login again, AccountId = %d",GetAccountId());
@@ -819,8 +810,6 @@ void WorldSession::HandlePlayerLogin(LoginQueryHolder * holder)
void WorldSession::HandleSetFactionAtWar( WorldPacket & recv_data )
{
CHECK_PACKET_SIZE(recv_data,4+1);
DEBUG_LOG( "WORLD: Received CMSG_SET_FACTION_ATWAR" );
uint32 repListID;
@@ -835,8 +824,6 @@ void WorldSession::HandleSetFactionAtWar( WorldPacket & recv_data )
//I think this function is never used :/ I dunno, but i guess this opcode not exists
void WorldSession::HandleSetFactionCheat( WorldPacket & /*recv_data*/ )
{
//CHECK_PACKET_SIZE(recv_data,4+4);
sLog.outError("WORLD SESSION: HandleSetFactionCheat, not expected call, please report.");
/*
uint32 FactionID;
@@ -869,8 +856,6 @@ void WorldSession::HandleMeetingStoneInfo( WorldPacket & /*recv_data*/ )
void WorldSession::HandleTutorialFlag( WorldPacket & recv_data )
{
CHECK_PACKET_SIZE(recv_data,4);
uint32 iFlag;
recv_data >> iFlag;
@@ -903,8 +888,6 @@ void WorldSession::HandleTutorialReset( WorldPacket & /*recv_data*/ )
void WorldSession::HandleSetWatchedFactionOpcode(WorldPacket & recv_data)
{
CHECK_PACKET_SIZE(recv_data,4);
DEBUG_LOG("WORLD: Received CMSG_SET_WATCHED_FACTION");
uint32 fact;
recv_data >> fact;
@@ -913,8 +896,6 @@ void WorldSession::HandleSetWatchedFactionOpcode(WorldPacket & recv_data)
void WorldSession::HandleSetFactionInactiveOpcode(WorldPacket & recv_data)
{
CHECK_PACKET_SIZE(recv_data,4+1);
DEBUG_LOG("WORLD: Received CMSG_SET_FACTION_INACTIVE");
uint32 replistid;
uint8 inactive;
@@ -937,8 +918,6 @@ void WorldSession::HandleShowingCloakOpcode( WorldPacket & /*recv_data*/ )
void WorldSession::HandleCharRenameOpcode(WorldPacket& recv_data)
{
CHECK_PACKET_SIZE(recv_data, 8+1);
uint64 guid;
std::string newname;
@@ -1023,7 +1002,6 @@ void WorldSession::HandleSetPlayerDeclinedNames(WorldPacket& recv_data)
{
uint64 guid;
CHECK_PACKET_SIZE(recv_data, 8);
recv_data >> guid;
// not accept declined names for unsupported languages
@@ -1059,7 +1037,6 @@ void WorldSession::HandleSetPlayerDeclinedNames(WorldPacket& recv_data)
std::string name2;
DeclinedName declinedname;
CHECK_PACKET_SIZE(recv_data, recv_data.rpos() + 1);
recv_data >> name2;
if(name2 != name) // character have different name
@@ -1073,7 +1050,6 @@ void WorldSession::HandleSetPlayerDeclinedNames(WorldPacket& recv_data)
for(int i = 0; i < MAX_DECLINED_NAME_CASES; ++i)
{
CHECK_PACKET_SIZE(recv_data, recv_data.rpos() + 1);
recv_data >> declinedname.name[i];
if(!normalizePlayerName(declinedname.name[i]))
{
@@ -1113,8 +1089,6 @@ void WorldSession::HandleAlterAppearance( WorldPacket & recv_data )
{
sLog.outDebug("CMSG_ALTER_APPEARANCE");
CHECK_PACKET_SIZE(recv_data, 4+4+4);
uint32 Hair, Color, FacialHair;
recv_data >> Hair >> Color >> FacialHair;
@@ -1161,8 +1135,6 @@ void WorldSession::HandleAlterAppearance( WorldPacket & recv_data )
void WorldSession::HandleRemoveGlyph( WorldPacket & recv_data )
{
CHECK_PACKET_SIZE(recv_data, 4);
uint32 slot;
recv_data >> slot;
@@ -1185,16 +1157,12 @@ void WorldSession::HandleRemoveGlyph( WorldPacket & recv_data )
void WorldSession::HandleCharCustomize(WorldPacket& recv_data)
{
CHECK_PACKET_SIZE(recv_data, 8+1);
uint64 guid;
std::string newname;
recv_data >> guid;
recv_data >> newname;
CHECK_PACKET_SIZE(recv_data, recv_data.rpos()+1+1+1+1+1+1);
uint8 gender, skin, face, hairStyle, hairColor, facialHair;
recv_data >> gender >> skin >> hairColor >> hairStyle >> facialHair >> face;
@@ -1290,18 +1258,14 @@ void WorldSession::HandleEquipmentSetSave(WorldPacket &recv_data)
if(!recv_data.readPackGUID(setGuid))
return;
CHECK_PACKET_SIZE(recv_data, recv_data.rpos() + 4);
uint32 index;
recv_data >> index;
if(index >= MAX_EQUIPMENT_SET_INDEX) // client set slots amount
return;
CHECK_PACKET_SIZE(recv_data, recv_data.rpos() + 1);
std::string name;
recv_data >> name;
CHECK_PACKET_SIZE(recv_data, recv_data.rpos() + 1);
std::string iconName;
recv_data >> iconName;
@@ -1354,8 +1318,6 @@ void WorldSession::HandleEquipmentSetUse(WorldPacket &recv_data)
if(!recv_data.readPackGUID(itemGuid))
return;
CHECK_PACKET_SIZE(recv_data, recv_data.rpos()+1+1);
uint8 srcbag, srcslot;
recv_data >> srcbag >> srcslot;
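Review bot: In HandleSetPlayerDeclinedNames the reads of `name2` and of `declinedname.name[i]` inside the `for` loop still come after the `// not accept declined names for unsupported languages` step, so with the CHECK_PACKET_SIZE lines gone a truncated packet now throws from the middle of the handler instead of being rejected up front, which is what the commit message asks handlers to avoid. The code between those reads is outside the hunks, so whether any state changes before the throw cannot be confirmed from here; if it does, move the reads to the top of the function, otherwise add a comment such as `// may throw on a short packet; nothing above modifies session or DB state`. HandleEquipmentSetSave and HandleEquipmentSetUse interleave reads and early returns in the same way and also mix two failure paths: `readPackGUID` returns false and the handler returns silently, while the following `recv_data >>` reads throw, so a malformed GUID may go unlogged where a short field would not. The catch site for the exception is not part of this section and should be confirmed for every path that dispatches these handlers, since an uncaught throw would end the process just as the old asserts did.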