[General] Add basic integrity check to reading of ActorList packets

Additionally, add newlines to files missing them.
8 years ago · f527fe9ebe
parent 252a28fe24
commit f527fe9ebe
11 changed files with 49 additions and 25 deletions
--- a/apps/openmw-mp/ActorProcessor.cpp
+++ b/apps/openmw-mp/ActorProcessor.cpp
@ -36,11 +36,16 @@ bool ActorProcessor::Process(RakNet::Packet &packet, BaseActorList &actorList) n
            ActorPacket *myPacket = Networking::get().getActorPacketController()->GetPacket(packet.data[0]);

            myPacket->setActorList(&actorList);
+            actorList.isValid = true;

            if (!processor.second->avoidReading)
                myPacket->Read();

-            processor.second->Do(*myPacket, *player, actorList);
+            if (actorList.isValid)
+                processor.second->Do(*myPacket, *player, actorList);
+            else
+                LOG_MESSAGE_SIMPLE(Log::LOG_ERROR, "Received %s that failed integrity check and was ignored!", processor.second->strPacketID.c_str());
+
            return true;
        }
    }
--- a/apps/openmw-mp/PlayerProcessor.cpp
+++ b/apps/openmw-mp/PlayerProcessor.cpp
@ -40,4 +40,4 @@ bool PlayerProcessor::Process(RakNet::Packet &packet) noexcept
        }
    }
    return false;
-}
+}
--- a/apps/openmw-mp/ProcessorInitializer.cpp
+++ b/apps/openmw-mp/ProcessorInitializer.cpp
@ -107,4 +107,4 @@ void ProcessorInitializer()
    WorldProcessor::AddProcessor(new ProcessorScriptLocalShort());
    WorldProcessor::AddProcessor(new ProcessorScriptMemberShort());
    WorldProcessor::AddProcessor(new ProcessorVideoPlay());
-}
+}
--- a/apps/openmw-mp/Script/LangPawn/PawnFunc.cpp
+++ b/apps/openmw-mp/Script/LangPawn/PawnFunc.cpp
@ -151,4 +151,4 @@ cell LangPAWN::CreateTimer(AMX *amx, const cell *params) noexcept
 cell LangPAWN::CreateTimerEx(AMX *amx, const cell *params) noexcept
 {

-}
+}
--- a/apps/openmw-mp/Script/ScriptFunctions.hpp
+++ b/apps/openmw-mp/Script/ScriptFunctions.hpp
@ -149,4 +149,4 @@ public:
    };
 };

-#endif //SCRIPTFUNCTIONS_HPP
+#endif //SCRIPTFUNCTIONS_HPP
--- a/apps/openmw/mwmp/ActorProcessor.cpp
+++ b/apps/openmw/mwmp/ActorProcessor.cpp
@ -22,22 +22,27 @@ bool ActorProcessor::Process(RakNet::Packet &packet, ActorList &actorList)
    myPacket->SetReadStream(&bsIn);

    BOOST_FOREACH(processors_t::value_type &processor, processors)
-                {
-                    if (processor.first == packet.data[0])
-                    {
-                        myGuid = Main::get().getLocalPlayer()->guid;
-                        request = packet.length == myPacket->headerSize();
-
-                        if (!request && !processor.second->avoidReading)
-                        {
-                            myPacket->Read();
-                        }
-
-                        processor.second->Do(*myPacket, actorList);
-
-                        return true;
-                    }
-                }
+    {
+        if (processor.first == packet.data[0])
+        {
+            myGuid = Main::get().getLocalPlayer()->guid;
+            request = packet.length == myPacket->headerSize();
+
+            actorList.isValid = true;
+
+            if (!request && !processor.second->avoidReading)
+            {
+                myPacket->Read();
+            }
+
+            if (actorList.isValid)
+                processor.second->Do(*myPacket, actorList);
+            else
+                LOG_MESSAGE_SIMPLE(Log::LOG_ERROR, "Received %s that failed integrity check and was ignored!", processor.second->strPacketID.c_str());
+
+            return true;
+        }
+    }
    return false;
 }

@ -50,4 +55,4 @@ void ActorProcessor::AddProcessor(mwmp::ActorProcessor *processor)
                                   processor->className + " and " + p.second->className);
    }
    processors.insert(processors_t::value_type(processor->GetPacketID(), boost::shared_ptr<ActorProcessor>(processor)));
-}
+}
--- a/apps/openmw/mwmp/ProcessorInitializer.cpp
+++ b/apps/openmw/mwmp/ProcessorInitializer.cpp
@ -119,4 +119,4 @@ void ProcessorInitializer()
    ActorProcessor::AddProcessor(new ProcessorActorSpeech());
    ActorProcessor::AddProcessor(new ProcessorActorStatsDynamic());
    ActorProcessor::AddProcessor(new ProcessorActorTest());
-}
+}
--- a/apps/openmw/mwmp/WorldProcessor.cpp
+++ b/apps/openmw/mwmp/WorldProcessor.cpp
@ -55,4 +55,4 @@ void WorldProcessor::AddProcessor(mwmp::WorldProcessor *processor)
                                   processor->className + " and " + p.second->className);
    }
    processors.insert(processors_t::value_type(processor->GetPacketID(), boost::shared_ptr<WorldProcessor>(processor)));
-}
+}
--- a/components/openmw-mp/Base/BaseActor.hpp
+++ b/components/openmw-mp/Base/BaseActor.hpp
@ -70,6 +70,8 @@ namespace mwmp
        ESM::Cell cell;

        unsigned char action; // 0 - Clear and set in entirety, 1 - Add item, 2 - Remove item, 3 - Request items
+
+        bool isValid;
    };
 }

--- a/components/openmw-mp/Packets/Actor/PacketActorList.cpp
+++ b/components/openmw-mp/Packets/Actor/PacketActorList.cpp
@ -25,6 +25,12 @@ void PacketActorList::Packet(RakNet::BitStream *bs, bool send)

    RW(actorList->count, send);

+    if (actorList->count > 2000)
+    {
+        actorList->isValid = false;
+        return;
+    }
+
    RW(actorList->cell.mData.mFlags, send);
    RW(actorList->cell.mData.mX, send);
    RW(actorList->cell.mData.mY, send);
@ -43,6 +49,12 @@ void PacketActorList::Packet(RakNet::BitStream *bs, bool send)
        RW(actor.refNumIndex, send);
        RW(actor.mpNum, send);

+        if (actor.refId.empty() || (actor.refNumIndex != 0 && actor.mpNum != 0))
+        {
+            actorList->isValid = false;
+            return;
+        }
+
        if (!send)
        {
            actorList->baseActors.push_back(actor);
--- a/components/openmw-mp/Utils.cpp
+++ b/components/openmw-mp/Utils.cpp
@ -159,4 +159,4 @@ string Utils::intToHexStr(unsigned val)
    ostringstream sstr;
    sstr << "0x" << setfill('0') << setw(8) << uppercase << hex << val;
    return sstr.str();
-}
+}