edg-l/ddnet
1
0
Fork 0
mirror of https://github.com/ddnet/ddnet.git synced 2024-09-20 01:24:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge #5554

Browse source 
5554: Fix out of bounds read in checksum stuff r=def- a=heinrich5991

## Checklist

- [x] Tested the change ingame
- [ ] Provided screenshots if it is a visual change
- [ ] Tested in combination with possibly related configuration options
- [ ] Written a unit test if it works standalone, system.c especially
- [ ] Considered possible null pointers and out of bounds array indexing
- [ ] Changed no physics that affect existing maps
- [ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--undefinedbehavioursanitizer-or-valgrinds-memcheck) (optional)


Co-authored-by: heinrich5991 <heinrich5991@gmail.com>
This commit is contained in:
bors[bot] 2022-07-05 08:32:17 +00:00 committed by GitHub
parent b955d68efd e026bce50f
commit cbd0eafd95
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/engine/client/client.cpp
View file

@ -4131,7 +4131,10 @@ int CClient::HandleChecksum(int Conn, CUuid Uuid, CUnpacker *pUnpacker)
sha256_update(&Sha256Ctxt, &Uuid, sizeof(Uuid));
sha256_update(&Sha256Ctxt, aStartBytes, sizeof(aStartBytes));
sha256_update(&Sha256Ctxt, aEndBytes, sizeof(aEndBytes));
sha256_update(&Sha256Ctxt, m_Checksum.m_aBytes + Start, ChecksumBytesEnd - Start);
if(Start < (int)sizeof(m_Checksum.m_aBytes))
{
sha256_update(&Sha256Ctxt, m_Checksum.m_aBytes + Start, ChecksumBytesEnd - Start);
}
if(End > (int)sizeof(m_Checksum.m_aBytes))
{
unsigned char aBuf[2048];