From db0aaea188e480a740105d3a3e3d823ece1851e8 Mon Sep 17 00:00:00 2001 From: Jurriaan Bremer Date: Sun, 5 Oct 2025 14:24:38 +0200 Subject: [PATCH] fix immediate buffer overflows in netpacket TODO Fix numerous out of bound reads which may lead to crashes. --- Generals/Code/GameEngine/Source/GameNetwork/NetPacket.cpp | 4 ++-- GeneralsMD/Code/GameEngine/Source/GameNetwork/NetPacket.cpp | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Generals/Code/GameEngine/Source/GameNetwork/NetPacket.cpp b/Generals/Code/GameEngine/Source/GameNetwork/NetPacket.cpp index 09f4aab429..c78f937a53 100644 --- a/Generals/Code/GameEngine/Source/GameNetwork/NetPacket.cpp +++ b/Generals/Code/GameEngine/Source/GameNetwork/NetPacket.cpp @@ -5798,7 +5798,7 @@ NetCommandMsg * NetPacket::readFileMessage(UnsignedByte *data, Int &i) { char filename[_MAX_PATH]; char *c = filename; - while (data[i] != 0) { + for (Int l = 0; l < _MAX_PATH-1 && data[i] != 0; l++) { *c = data[i]; ++c; ++i; @@ -5825,7 +5825,7 @@ NetCommandMsg * NetPacket::readFileAnnounceMessage(UnsignedByte *data, Int &i) { char filename[_MAX_PATH]; char *c = filename; - while (data[i] != 0) { + for (Int l = 0; l < _MAX_PATH-1 && data[i] != 0; l++) { *c = data[i]; ++c; ++i; diff --git a/GeneralsMD/Code/GameEngine/Source/GameNetwork/NetPacket.cpp b/GeneralsMD/Code/GameEngine/Source/GameNetwork/NetPacket.cpp index 776ad7eb02..af053b5392 100644 --- a/GeneralsMD/Code/GameEngine/Source/GameNetwork/NetPacket.cpp +++ b/GeneralsMD/Code/GameEngine/Source/GameNetwork/NetPacket.cpp @@ -5798,7 +5798,7 @@ NetCommandMsg * NetPacket::readFileMessage(UnsignedByte *data, Int &i) { char filename[_MAX_PATH]; char *c = filename; - while (data[i] != 0) { + for (Int l = 0; l < _MAX_PATH-1 && data[i] != 0; l++) { *c = data[i]; ++c; ++i; @@ -5825,7 +5825,7 @@ NetCommandMsg * NetPacket::readFileAnnounceMessage(UnsignedByte *data, Int &i) { char filename[_MAX_PATH]; char *c = filename; - while (data[i] != 0) { + for (Int l = 0; l < _MAX_PATH-1 && data[i] != 0; l++) { *c = data[i]; ++c; ++i;