From 877842e413daf830114939dc6915d225c40197c3 Mon Sep 17 00:00:00 2001
From: Thorbjørn Lindeijer <thorbjorn@lindeijer.nl>
Date: Sat, 8 Jun 2013 22:44:53 +0200
Subject: Fixed MessageIn::getUnreadLength

It should not return large numbers after reading past the end of a
message. This can cause infinite loops in several places in the client
when a message happened to be shorter than expected.
---
 src/net/manaserv/messagein.h | 5 ++++-
 src/net/tmwa/messagein.h     | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/net/manaserv/messagein.h b/src/net/manaserv/messagein.h
index 89ae5ed8..1edc4fe7 100644
--- a/src/net/manaserv/messagein.h
+++ b/src/net/manaserv/messagein.h
@@ -52,7 +52,10 @@ class MessageIn
         /**
          * Returns the length of unread data.
          */
-        unsigned int getUnreadLength() const { return mLength - mPos; }
+        unsigned int getUnreadLength() const
+        {
+            return (mPos < mLength) ? mLength - mPos : 0;
+        }
 
         /**
          * Reads an unsigned 8-bit integer from the message.
diff --git a/src/net/tmwa/messagein.h b/src/net/tmwa/messagein.h
index 48121187..2f66ca28 100644
--- a/src/net/tmwa/messagein.h
+++ b/src/net/tmwa/messagein.h
@@ -50,7 +50,10 @@ class MessageIn
         /**
          * Returns the length of unread data.
          */
-        unsigned int getUnreadLength() const { return mLength - mPos; }
+        unsigned int getUnreadLength() const
+        {
+            return (mPos < mLength) ? mLength - mPos : 0;
+        }
 
         /**
          * Reads an unsigned 8-bit integer from the message.
-- 
cgit v1.2.3-70-g09d2