Shared/Networking: Fix buffer overflow in Socket handling

Fix a buffer overflow caused by Boost trying to store too much data in a buffer too small.

(cherry picked from commit cdf6c884624be33b5782bcca0e206e5c291a517b)

2 files changed, 10 insertions, 1 deletions

diff --git a/src/server/shared/Networking/MessageBuffer.h b/src/server/shared/Networking/MessageBuffer.h
index 2dcd4fbc161..a214af9d127 100644
--- a/src/server/shared/Networking/MessageBuffer.h
+++ b/src/server/shared/Networking/MessageBuffer.h
@@ -81,6 +81,14 @@ public:
         }
     }
 
+    // Ensures there's "some" free space, make sure to call Normalize() before this
+    void EnsureFreeSpace()
+    {
+        // Double the size of the buffer if it's already full
+        if (GetRemainingSpace() == 0)
+            _storage.resize(_storage.size() * 2);
+    }
+
     void Write(void const* data, std::size_t size)
     {
         if (size)
diff --git a/src/server/shared/Networking/Socket.h b/src/server/shared/Networking/Socket.h
index 5c891d925fa..6c367e5649d 100644
--- a/src/server/shared/Networking/Socket.h
+++ b/src/server/shared/Networking/Socket.h
@@ -92,7 +92,8 @@ public:
             return;
 
         _readBuffer.Normalize();
-        _socket.async_read_some(boost::asio::buffer(_readBuffer.GetWritePointer(), READ_BLOCK_SIZE),
+        _readBuffer.EnsureFreeSpace();
+        _socket.async_read_some(boost::asio::buffer(_readBuffer.GetWritePointer(), _readBuffer.GetRemainingSpace()),
             std::bind(&Socket<T>::ReadHandlerInternal, this->shared_from_this(), std::placeholders::_1, std::placeholders::_2));
     }