From 08a9991b5aef9ff36bd39296cbdec1cc83209d7b Mon Sep 17 00:00:00 2001 From: Max Luchterhand <52720531+maxluchterhand1@users.noreply.github.com> Date: Tue, 24 Mar 2020 09:39:54 +0100 Subject: When Client sends message longer than 256 bytes, kick him instead of handling message (#4514) * Wrong overload of function push() got called when pushing a cEntity*. Using a const cEntity * fixes this. * Fixed accidental wrong indentation * Compiler didn't like old style cast * Kicking player when writing chat message longer than 2048 * Accounted for Astrings size() method returning bits, not bytes * Fixed typo * Changed MAX_STRING_SIZE to 1024, removed unnecessary division by 8 * Handling message length check in cClientHandle:HandleChat * Guard clause instead of if else * Remove stale changes * Fixed formatting Co-authored-by: mluchterhand Co-authored-by: Peter Bell Co-authored-by: Mattes D --- src/ClientHandle.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/ClientHandle.cpp b/src/ClientHandle.cpp index 5fbea5403..f0c033107 100644 --- a/src/ClientHandle.cpp +++ b/src/ClientHandle.cpp @@ -43,6 +43,9 @@ /** Maximum number of block change interactions a player can perform per tick - exceeding this causes a kick */ #define MAX_BLOCK_CHANGE_INTERACTIONS 20 +/** Maximum number of bytes that a chat message sent by a player may consist of */ +#define MAX_CHAT_MSG_LENGTH 1024 + /** The interval for sending pings to clients. Vanilla sends one ping every 1 second. */ static const std::chrono::milliseconds PING_TIME_MS = std::chrono::milliseconds(1000); @@ -1549,6 +1552,13 @@ void cClientHandle::HandleRightClick(int a_BlockX, int a_BlockY, int a_BlockZ, e void cClientHandle::HandleChat(const AString & a_Message) { + if ((a_Message.size()) > MAX_CHAT_MSG_LENGTH) + { + this->Kick(std::string("Please don't exceed the maximum message length of ") + + std::to_string(MAX_CHAT_MSG_LENGTH) + ); + return; + } // We no longer need to postpone message processing, because the messages already arrive in the Tick thread // If a command, perform it: -- cgit v1.2.3