Bug #1955 » 0006-Protect-against-DOS-attack-with-recursive-jumbo-pack.patch
| client/clinet.c | ||
|---|---|---|
|
agents_freeze_hint();
|
||
|
while (client.conn.used) {
|
||
|
enum packet_type type;
|
||
|
void *packet = get_packet_from_connection(&client.conn, &type);
|
||
|
void *packet = get_packet_from_connection(&client.conn, &type, FALSE);
|
||
|
if (NULL != packet) {
|
||
|
client_packet_input(packet, type);
|
||
| ... | ... | |
|
enum packet_type type;
|
||
|
while (TRUE) {
|
||
|
void *packet = get_packet_from_connection(&client.conn, &type);
|
||
|
void *packet = get_packet_from_connection(&client.conn, &type, FALSE);
|
||
|
if (NULL == packet) {
|
||
|
break;
|
||
|
}
|
||
| common/packets.c | ||
|---|---|---|
|
the function returns NULL.
|
||
|
**************************************************************************/
|
||
|
void *get_packet_from_connection(struct connection *pc,
|
||
|
enum packet_type *ptype)
|
||
|
enum packet_type *ptype,
|
||
|
bool recursed)
|
||
|
{
|
||
|
int len_read;
|
||
|
int whole_packet_len;
|
||
| ... | ... | |
|
* changes, the protocol should probably be changed */
|
||
|
fc_assert(data_type_size(pc->packet_header.length) == 2);
|
||
|
if (len_read == JUMBO_SIZE) {
|
||
|
if (recursed) {
|
||
|
log_verbose("Got recursive jumbo packet. That's not acceptable. "
|
||
|
"The connection will be closed now.");
|
||
|
connection_close(pc, "recursive jumbo packet");
|
||
|
return NULL;
|
||
|
}
|
||
|
compressed_packet = TRUE;
|
||
|
header_size = 6;
|
||
|
if (dio_input_remaining(&din) >= 4) {
|
||
| ... | ... | |
|
log_compress("COMPRESS: decompressed %ld into %ld",
|
||
|
compressed_size, decompressed_size);
|
||
|
return get_packet_from_connection(pc, ptype);
|
||
|
return get_packet_from_connection(pc, ptype, TRUE);
|
||
|
}
|
||
|
#endif /* USE_COMPRESSION */
|
||
| common/packets.h | ||
|---|---|---|
|
struct connection;
|
||
|
struct data_in;
|
||
|
#include "connection.h" /* struct connection, MAX_LEN_* */
|
||
|
#include "connection.h" /* struct connection, MAX_LEN_* */
|
||
|
#include "diptreaty.h"
|
||
|
#include "effects.h"
|
||
|
#include "events.h"
|
||
|
#include "improvement.h" /* bv_imprs */
|
||
|
#include "improvement.h" /* bv_imprs */
|
||
|
#include "player.h"
|
||
|
#include "requirements.h"
|
||
|
#include "shared.h" /* MAX_LEN_ADDR */
|
||
| ... | ... | |
|
};
|
||
|
void *get_packet_from_connection(struct connection *pc,
|
||
|
enum packet_type *ptype);
|
||
|
enum packet_type *ptype,
|
||
|
bool recursed);
|
||
|
void remove_packet_from_buffer(struct socket_packet_buffer *buffer);
|
||
|
void send_attribute_block(const struct player *pplayer,
|
||
| ... | ... | |
|
packet_server_join_reply *packet);
|
||
|
void pre_send_packet_player_attribute_chunk(struct connection *pc,
|
||
|
struct packet_player_attribute_chunk
|
||
|
*packet);
|
||
|
struct packet_player_attribute_chunk
|
||
|
*packet);
|
||
|
const struct packet_handlers *packet_handlers_initial(void);
|
||
|
const struct packet_handlers *packet_handlers_get(const char *capability);
|
||
| server/sernet.c | ||
|---|---|---|
|
};
|
||
|
/*****************************************************************************
|
||
|
Simplify a loop by wrapping get_packet_from_connection.
|
||
|
Simplify a loop by wrapping get_packet_from_connection().
|
||
|
*****************************************************************************/
|
||
|
static bool get_packet(struct connection *pconn,
|
||
|
struct packet_to_handle *ppacket)
|
||
|
{
|
||
|
ppacket->data = get_packet_from_connection(pconn, &ppacket->type);
|
||
|
ppacket->data = get_packet_from_connection(pconn, &ppacket->type, FALSE);
|
||
|
return NULL != ppacket->data;
|
||
|
}
|
||
- « Previous
- 1
- …
- 4
- 5
- 6
- Next »