pa/eqemu-server
2
0
Fork 0
mirror of https://github.com/EQEmu/Server.git synced 2026-05-16 18:52:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Changed OP_FormattedMessage code to eliminate possible oob error

Browse Source
This commit is contained in:
Uleat
2015-01-12 21:15:12 -05:00
parent a6148565e5
commit e84cebe375
7 changed files with 66 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files
common/patches/sof.cpp
+10 -7
View File
@@ -633,26 +633,27 @@ namespace SoF
unsigned char *__emu_buffer = in->pBuffer;
char *old_message_ptr = (char *)in->pBuffer;
old_message_ptr += sizeof(FormattedMessage_Struct);
std::string old_message_array[9];
char *old_message_ptr = (char *)__emu_buffer + sizeof(FormattedMessage_Struct);
for (int i = 0; i < 9; ++i) {
if (*old_message_ptr == 0) { break; }
old_message_array[i] = old_message_ptr;
old_message_ptr += old_message_array[i].length() + 1;
if (old_message_array[i].length() == 0) { break; }
}
uint32 new_message_size = 0;
std::string new_message_array[9];
for (int i = 0; i < 9; ++i) {
ServerToSoFTextLink(new_message_array[i], old_message_array[i]);
new_message_size += (new_message_array[i].length() + 1);
if (new_message_array[i].length() == 0) { break; }
ServerToSoFTextLink(new_message_array[i], old_message_array[i]);
new_message_size += new_message_array[i].length() + 1;
}
in->size = sizeof(FormattedMessage_Struct) + new_message_size;
in->size = sizeof(FormattedMessage_Struct) + new_message_size + 1;
in->pBuffer = new unsigned char[in->size];
char *OutBuffer = (char *)in->pBuffer;
@@ -662,10 +663,12 @@ namespace SoF
VARSTRUCT_ENCODE_TYPE(uint32, OutBuffer, emu->type);
for (int i = 0; i < 9; ++i) {
VARSTRUCT_ENCODE_STRING(OutBuffer, new_message_array[i].c_str());
if (new_message_array[i].length() == 0) { break; }
VARSTRUCT_ENCODE_STRING(OutBuffer, new_message_array[i].c_str());
}
VARSTRUCT_ENCODE_TYPE(uint8, OutBuffer, 0);
delete[] __emu_buffer;
dest->FastQueuePacket(&in, ack_req);
}