From 0e9eb8e7f5eac85531ce25d214cf6018bef4114b Mon Sep 17 00:00:00 2001
From: Shauren <shauren.trinity@gmail.com>
Date: Mon, 1 Jun 2020 23:43:38 +0200
Subject: Core/PacketIO: Validate AddonInfo size

Closes #24734
---
 src/server/game/Server/WorldSocket.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp
index ff85f71c769..ab43f6f36a0 100644
--- a/src/server/game/Server/WorldSocket.cpp
+++ b/src/server/game/Server/WorldSocket.cpp
@@ -434,7 +434,8 @@ void WorldSocket::HandleAuthSession(WorldPacket& recvPacket)
     recvPacket >> authSession->RealmID;               // realmId from auth_database.realmlist table
     recvPacket >> authSession->DosResponse;
     recvPacket.read(authSession->Digest, 20);
-    authSession->AddonInfo.append(recvPacket.contents() + recvPacket.rpos(), recvPacket.size() - recvPacket.rpos());
+    authSession->AddonInfo.resize(recvPacket.size() - recvPacket.rpos());
+    recvPacket.read(authSession->AddonInfo.contents(), authSession->AddonInfo.size()); // .contents will throw if empty, thats what we want
 
     // Get the account information from the auth database
     LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_INFO_BY_NAME);
-- 
cgit v1.2.3