Skip to content

Commit

Permalink
Fix splitPacketCount vulnerability per issue SLikeSoft#60
Browse files Browse the repository at this point in the history
  • Loading branch information
@exuvo
exuvo committed Aug 30, 2022
1 parent cc0a64f commit 15b2d71
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion Source/src/ReliabilityLayer.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2828,10 +2828,14 @@ InternalPacket* ReliabilityLayer::CreateInternalPacketFromBitStream(SLNet::BitSt
internalPacket->splitPacketCount=0;
}

const int maxPacketSize = 1024 * 1024 * 4;
const int maxPacketSplit = (maxPacketSize + (MINIMUM_MTU_SIZE - 1)) / MINIMUM_MTU_SIZE;

if (readSuccess==false ||
internalPacket->dataBitLength==0 ||
internalPacket->reliability>=NUMBER_OF_RELIABILITIES ||
internalPacket->orderingChannel>=32 ||
internalPacket->orderingChannel>=32 ||
internalPacket->splitPacketCount > maxPacketSplit ||
(hasSplitPacket && (internalPacket->splitPacketIndex >= internalPacket->splitPacketCount)))
{
// If this assert hits, encoding is garbage
Expand Down

0 comments on commit 15b2d71

Please sign in to comment.