charleslemaux/Mirror
1
0
Fork 0
mirror of https://github.com/MirrorNetworking/Mirror.git synced 2024-11-18 02:50:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Telepathy: Common.ReadMessageBlocking: log warning instead of logging OverflowException if size header is negative

Browse Source
This commit is contained in:
vis2k 2020-11-25 21:40:55 +08:00
parent ef77c90447
commit 31c3c2f924
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Assets/Mirror/Runtime/Transport/Telepathy/Common.cs
View File

@ -133,13 +133,15 @@ protected static bool ReadMessageBlocking(NetworkStream stream, int MaxMessageSi
// protect against allocation attacks. an attacker might send
// multiple fake '2GB header' packets in a row, causing the server
// to allocate multiple 2GB byte arrays and run out of memory.
if (size <= MaxMessageSize)
//
// also protect against size <= 0 which would cause issues
if (size > 0 && size <= MaxMessageSize)
{
// read exactly 'size' bytes for content (blocking)
content = new byte[size];
return stream.ReadExactly(content, size);
}
Logger.LogWarning("ReadMessageBlocking: possible allocation attack with a header of: " + size + " bytes.");
Logger.LogWarning("ReadMessageBlocking: possible header attack with a header of: " + size + " bytes.");
return false;
}