Project

General

Profile

Download (6.6 KB)

Bug #1955 » 0003-Protect-against-DOS-attack-with-recursive-jumbo-pack.patch

S3_1 - Marko Lindqvist, 03/19/2026 11:09 PM

View differences:

client/clinet.c
agents_freeze_hint();
while (client.conn.used) {
enum packet_type type;
void *packet = get_packet_from_connection(&client.conn, &type);
void *packet = get_packet_from_connection(&client.conn, &type, FALSE);
if (NULL != packet) {
client_packet_input(packet, type);
......
enum packet_type type;
while (TRUE) {
void *packet = get_packet_from_connection(&client.conn, &type);
void *packet = get_packet_from_connection(&client.conn, &type, FALSE);
if (NULL == packet) {
break;
}
common/networking/packets.c
the function returns NULL.
**************************************************************************/
void *get_packet_from_connection_raw(struct connection *pc,
enum packet_type *ptype)
enum packet_type *ptype,
bool recursed)
{
int len_read;
int whole_packet_len;
......
* changes, the protocol should probably be changed */
fc_assert(data_type_size(pc->packet_header.length) == 2);
if (len_read == JUMBO_SIZE) {
if (recursed) {
log_verbose("Got recursive jumbo packet. That's not acceptable. "
"The connection will be closed now.");
connection_close(pc, "recursive jumbo packet");
return NULL;
}
compressed_packet = TRUE;
header_size = 6;
if (dio_input_remaining(&din) >= 4) {
......
log_compress("COMPRESS: decompressed %ld into %ld",
compressed_size, decompressed_size);
return get_packet_from_connection(pc, ptype);
return get_packet_from_connection(pc, ptype, TRUE);
}
#endif /* USE_COMPRESSION */
common/networking/packets.h
struct data_in;
/* utility */
#include "shared.h" /* MAX_LEN_ADDR */
#include "shared.h" /* MAX_LEN_ADDR */
/* common */
#include "connection.h" /* struct connection, MAX_LEN_* */
#include "diptreaty.h"
#include "effects.h"
#include "events.h"
#include "improvement.h" /* bv_imprs */
#include "improvement.h" /* bv_imprs */
#include "player.h"
#include "requirements.h"
#include "spaceship.h"
......
};
void *get_packet_from_connection_raw(struct connection *pc,
enum packet_type *ptype);
enum packet_type *ptype,
bool recursed);
#ifdef FREECIV_JSON_CONNECTION
#define get_packet_from_connection(pc, ptype) get_packet_from_connection_json(pc, ptype)
#define get_packet_from_connection(pc, ptype, recuirsed) \
get_packet_from_connection_json(pc, ptype)
#else
#define get_packet_from_connection(pc, ptype) get_packet_from_connection_raw(pc, ptype)
#define get_packet_from_connection(pc, ptype, recursed) \
get_packet_from_connection_raw(pc, ptype, recursed)
#endif
void remove_packet_from_buffer(struct socket_packet_buffer *buffer);
void send_attribute_block(const struct player *pplayer,
struct connection *pconn);
struct connection *pconn);
void generic_handle_player_attribute_chunk(struct player *pplayer,
const struct
packet_player_attribute_chunk
*chunk);
const struct
packet_player_attribute_chunk
*chunk);
void packet_handlers_fill_initial(struct packet_handlers *phandlers);
void packet_handlers_fill_capability(struct packet_handlers *phandlers,
const char *capability);
......
packet_server_join_reply *packet);
void pre_send_packet_player_attribute_chunk(struct connection *pc,
struct packet_player_attribute_chunk
*packet);
struct packet_player_attribute_chunk
*packet);
const struct packet_handlers *packet_handlers_initial(void);
const struct packet_handlers *packet_handlers_get(const char *capability);
server/sernet.c
};
/*************************************************************************//**
Simplify a loop by wrapping get_packet_from_connection.
Simplify a loop by wrapping get_packet_from_connection().
*****************************************************************************/
static bool get_packet(struct connection *pconn,
struct packet_to_handle *ppacket)
{
ppacket->data = get_packet_from_connection(pconn, &ppacket->type);
ppacket->data = get_packet_from_connection(pconn, &ppacket->type, FALSE);
return NULL != ppacket->data;
}
(4-4/6)