From ce947814c6fa2c32c0908f1e7088ce971f74d365 Mon Sep 17 00:00:00 2001 From: Shauren Date: Thu, 7 Jul 2016 18:22:29 +0200 Subject: Core/PacketIO: Fixed crash happening when someone sends too small packet that is processed directly in WorldSocket Ref #17536 --- src/server/game/Server/WorldSocket.cpp | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp index 1c77283d812..a8a639d9b7f 100644 --- a/src/server/game/Server/WorldSocket.cpp +++ b/src/server/game/Server/WorldSocket.cpp @@ -324,9 +324,20 @@ WorldSocket::ReadDataHandlerResult WorldSocket::ReadDataHandler() switch (opcode) { case CMSG_PING: + { LogOpcodeText(opcode, sessionGuard); - return HandlePing(packet) ? ReadDataHandlerResult::Ok : ReadDataHandlerResult::Error; + try + { + return HandlePing(packet) ? ReadDataHandlerResult::Ok : ReadDataHandlerResult::Error; + } + catch (ByteBufferPositionException const&) + { + } + TC_LOG_ERROR("network", "WorldSocket::ReadDataHandler(): client %s sent malformed CMSG_PING", GetRemoteIpAddress().to_string().c_str()); + return ReadDataHandlerResult::Error; + } case CMSG_AUTH_SESSION: + { LogOpcodeText(opcode, sessionGuard); if (_authed) { @@ -336,8 +347,17 @@ WorldSocket::ReadDataHandlerResult WorldSocket::ReadDataHandler() return ReadDataHandlerResult::Error; } - HandleAuthSession(packet); - return ReadDataHandlerResult::WaitingForQuery; + try + { + HandleAuthSession(packet); + return ReadDataHandlerResult::WaitingForQuery; + } + catch (ByteBufferPositionException const&) + { + } + TC_LOG_ERROR("network", "WorldSocket::ReadDataHandler(): client %s sent malformed CMSG_AUTH_SESSION", GetRemoteIpAddress().to_string().c_str()); + return ReadDataHandlerResult::Error; + } case CMSG_KEEP_ALIVE: LogOpcodeText(opcode, sessionGuard); break; -- cgit v1.2.3