Merge pull request #287 from Chrezm/nonum/small_security_fixes

Enforce proper start and end ranges in certain at and mid calls

src/courtroom.cpp

@@ -673,7 +673,7 @@ void Courtroom::handle_chatmessage(QStringList p_contents)
   for (int i = 0; i < MESSAGE_SIZE; ++i)
     m_chatmessage[i] = p_contents[i];
 
-  m_hide_character = m_chatmessage[CMShowCharacter].toInt();
+  m_hide_character = m_chatmessage[CMHideCharacter].toInt();
   m_play_pre = false;
   m_play_zoom = false;
   const int l_emote_mod = m_chatmessage[CMEmoteModifier].toInt();

src/datatypes.h

@@ -141,7 +141,7 @@ enum ChatMessage : int32_t
   CMTextColor,
   CMShowName,
   CMVideoName,
-  CMShowCharacter,
+  CMHideCharacter,
 };
 
 enum EmoteMod

src/server_socket.cpp

@@ -141,6 +141,14 @@ void AOApplication::_p_handle_server_packet(DRPacket p_packet)
       return;
 
     QVector<char_type> l_chr_list = m_courtroom->get_character_list();
+    if (l_content.length() != l_chr_list.length())
+    {
+      qWarning() << "Server sent a character list of length " << l_content.length()
+                 << "which is different from the expected length " << l_chr_list.length()
+                 << "so ignoring it.";
+      return;
+    }
+
     for (int i = 0; i < l_chr_list.length(); ++i)
       l_chr_list[i].taken = l_content.at(i) == "-1";
     m_courtroom->set_character_list(l_chr_list);
@@ -320,8 +328,8 @@ void AOApplication::_p_handle_server_packet(DRPacket p_packet)
   }
   else if (l_header == "CL")
   {
-    qDebug() << l_content;
-    m_courtroom->handle_clock(l_content.at(1));
+    if (is_courtroom_constructed && l_content.size() > 0)
+      m_courtroom->handle_clock(l_content.at(1));
   }
   else if (l_header == "GM")
   {