From 49b619bae28ba5fcb63c192ef14a9b624e2a7286 Mon Sep 17 00:00:00 2001
From: Ladislav Zezula <zezula@volny.cz>
Date: Mon, 15 Sep 2025 15:09:30 +0200
Subject: Fixed https://github.com/ladislav-zezula/StormLib/issues/397 and
 https://github.com/ladislav-zezula/StormLib/issues/398

---
 src/SBaseCommon.cpp    | 5 +++++
 src/SBaseFileTable.cpp | 5 +++--
 src/StormLib.h         | 1 +
 3 files changed, 9 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/SBaseCommon.cpp b/src/SBaseCommon.cpp
index 16caf4f..4d56502 100644
--- a/src/SBaseCommon.cpp
+++ b/src/SBaseCommon.cpp
@@ -1019,6 +1019,11 @@ void * LoadMpqTable(
                 return NULL;
             }
         }
+        else
+        {
+            // pocs/MPQ_2025_06_BadHashTableSize.mpq
+            dwCompressedSize = dwTableSize;
+        }
 
         // Get the file offset from which we will read the table
         // Note: According to Storm.dll from Warcraft III (version 2002),
diff --git a/src/SBaseFileTable.cpp b/src/SBaseFileTable.cpp
index e854ac0..46daab5 100644
--- a/src/SBaseFileTable.cpp
+++ b/src/SBaseFileTable.cpp
@@ -2508,7 +2508,8 @@ TMPQHetTable * LoadHetTable(TMPQArchive * ha)
     TMPQHeader * pHeader = ha->pHeader;
 
     // If the HET table position is not 0, we expect the table to be present
-    if(pHeader->HetTablePos64 && pHeader->HetTableSize64)
+    // Alsom the HET table must have a reasonable size
+    if(pHeader->HetTablePos64 && pHeader->HetTableSize64 && pHeader->HetTableSize64 < BET_TABLE_MAX_SIZE)
     {
         // Attempt to load the HET table (Hash Extended Table)
         pExtTable = LoadExtTable(ha, pHeader->HetTablePos64, (size_t)pHeader->HetTableSize64, HET_TABLE_SIGNATURE, MPQ_KEY_HASH_TABLE);
@@ -2530,7 +2531,7 @@ TMPQBetTable * LoadBetTable(TMPQArchive * ha)
     TMPQHeader * pHeader = ha->pHeader;
 
     // If the BET table position is not 0, we expect the table to be present
-    if(pHeader->BetTablePos64 && pHeader->BetTableSize64)
+    if(pHeader->BetTablePos64 && pHeader->BetTableSize64 && pHeader->BetTableSize64 < BET_TABLE_MAX_SIZE)
     {
         // Attempt to load the HET table (Hash Extended Table)
         pExtTable = LoadExtTable(ha, pHeader->BetTablePos64, (size_t)pHeader->BetTableSize64, BET_TABLE_SIGNATURE, MPQ_KEY_BLOCK_TABLE);
diff --git a/src/StormLib.h b/src/StormLib.h
index e1db062..1f3dee7 100644
--- a/src/StormLib.h
+++ b/src/StormLib.h
@@ -292,6 +292,7 @@ extern "C" {
 // Signatures for HET and BET table
 #define HET_TABLE_SIGNATURE         0x1A544548  // 'HET\x1a'
 #define BET_TABLE_SIGNATURE         0x1A544542  // 'BET\x1a'
+#define BET_TABLE_MAX_SIZE          0x00100000  // Maximum acceptable size of HET&BET tables
 
 // Decryption keys for MPQ tables
 #define MPQ_KEY_HASH_TABLE          0xC3AF3770  // Obtained by HashString("(hash table)", MPQ_HASH_FILE_KEY)
-- 
cgit v1.2.3