From 25abd43600a693a47acd755b5713b342de86a7ca Mon Sep 17 00:00:00 2001 From: Andrei Karas Date: Tue, 6 Nov 2018 19:49:46 +0300 Subject: Add send packet validation for connections between server and clients. --- src/common/socket.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/common/socket.h') diff --git a/src/common/socket.h b/src/common/socket.h index 3c082e718..2d497ebfc 100644 --- a/src/common/socket.h +++ b/src/common/socket.h @@ -73,7 +73,8 @@ struct config_setting_t; } \ } while(0) -#define WFIFOSET(fd, len) (sockt->wfifoset(fd, len)) +#define WFIFOSET(fd, len) (sockt->wfifoset(fd, len, true)) +#define WFIFOSET2(fd, len) (sockt->wfifoset(fd, len, false)) #define RFIFOSKIP(fd, len) (sockt->rfifoskip(fd, len)) /* [Ind/Hercules] */ @@ -122,6 +123,7 @@ struct socket_data { unsigned char eof : 1; unsigned char server : 1; unsigned char ping : 2; + unsigned char validate : 1; } flag; uint32 client_addr; // remote client address @@ -178,9 +180,11 @@ struct socket_interface { /* */ time_t stall_time; time_t last_tick; + /* */ uint32 addr_[16]; // ip addresses of local host (host byte order) int naddr_; // # of ip addresses + bool validate; struct socket_data **session; @@ -200,9 +204,10 @@ struct socket_interface { int (*make_connection) (uint32 ip, uint16 port, struct hSockOpt *opt); int (*realloc_fifo) (int fd, unsigned int rfifo_size, unsigned int wfifo_size); int (*realloc_writefifo) (int fd, size_t addition); - int (*wfifoset) (int fd, size_t len); + int (*wfifoset) (int fd, size_t len, bool validate); int (*rfifoskip) (int fd, size_t len); void (*close) (int fd); + void (*validateWfifo) (int fd, size_t len); /* */ bool (*session_is_valid) (int fd); bool (*session_is_active) (int fd); -- cgit v1.2.3-60-g2f50 From e35402b608ace44f80928591bad388a0d5765184 Mon Sep 17 00:00:00 2001 
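Review bot: `WFIFOSET2` in the first socket.h hunk commits a packet with validation switched off, and nothing at the definition says when a caller may use it. Because it differs from the checked `WFIFOSET` by one character, it is an easy way to silence a validation error instead of fixing the packet. A comment above the pair would help, for example `/* WFIFOSET2: commit without packet validation; only for <cases the project permits> */`.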
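Review bot: Neither of the two new `validate` flags is documented: the one-bit `validate` in `socket_data.flag` (second hunk) and the `bool validate` member of `socket_interface` (third hunk), even though the `addr_` and `naddr_` members next to the latter carry comments. With the same name at two levels it is unclear from the header which one enables checking for a session and which code sets it. A trailing comment on each would settle it, e.g. `unsigned char validate : 1; // packets on this session are checked against the packet db` and a matching line on the interface member saying whether it is a global switch or a default for new sessions. The wording should be confirmed against socket.c, which this patch does not show.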
From: Andrei Karas Date: Thu, 8 Nov 2018 00:28:34 +0300 Subject: Add validation for WFIFOHEAD buffer allocations. --- src/common/socket.c | 23 ++++++++++++++++++++--- src/common/socket.h | 8 +++----- 2 files changed, 23 insertions(+), 8 deletions(-) (limited to 'src/common/socket.h') diff --git a/src/common/socket.c b/src/common/socket.c index 735571825..a0096c1da 100644 --- a/src/common/socket.c +++ b/src/common/socket.c @@ -892,6 +892,15 @@ static int wfifoset(int fd, size_t len, bool validate) return 0; } +static void wfifohead(int fd, size_t len) +{ + Assert_retv(fd >= 0); + + sockt->session[fd]->last_head_size = (uint32)len; + if (sockt->session[fd]->wdata_size + len > sockt->session[fd]->max_wdata) + sockt->realloc_writefifo(fd, len); +} + static int do_sockets(int next) { #ifndef SOCKET_EPOLL @@ -2065,6 +2074,9 @@ static void socket_validateWfifo(int fd, size_t len) return; } const uint cmd = (uint)WFIFOW(fd, 0); + const uint last_head_size = sockt->session[fd]->last_head_size; + sockt->session[fd]->last_head_size = 0; + if (cmd < MIN_PACKET_DB || cmd > MAX_PACKET_DB) { ShowError("Sent wrong packet id: 0x%04X\n", cmd); Assert_retv(0); 
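Review bot: `wfifohead` dereferences `sockt->session[fd]` after checking only `fd >= 0`, whereas the `WFIFOHEAD` macro it replaces (removed in the socket.h part of this commit) did nothing when `fd` was 0. A call with fd 0, with an fd beyond the session table, or with an fd whose session is already gone now reaches `sockt->session[fd]->last_head_size`; that is presumably a NULL or out-of-range access, though session allocation is not visible here. The interface already exposes `session_is_valid`, so the guard could be `if (!sockt->session_is_valid(fd)) return;` after the assert. The `(uint32)len` cast also truncates a `size_t` silently, and the return value of `realloc_writefifo` is dropped, so a failed grow is invisible to the later size check.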
@@ -2079,17 +2091,21 @@ static void socket_validateWfifo(int fd, size_t len) const int len2 = (int)len; if (packet_len == -1) { if (len2 < 4) { - ShowError("Sent packet with size smaller than 2\n"); + ShowError("Sent packet with size smaller than 4\n"); Assert_retv(0); return; } packet_len = WFIFOW(fd, 2); if (packet_len != len2) { - ShowError("Sent packet 0x%04X with dynamic size %d, but must be size %d \n", cmd, len2, packet_len); + ShowError("Sent packet 0x%04X with dynamic size %d, but must be size %d\n", cmd, len2, packet_len); Assert_retv(0); } } else if (packet_len != len2) { - ShowError("Sent packet 0x%04X with size %d, but must be size %d \n", cmd, len2, packet_len); + ShowError("Sent packet 0x%04X with size %d, but must be size %d\n", cmd, len2, packet_len); + Assert_retv(0); + } + if (last_head_size < packet_len) { + ShowError("Reserved too small packet buffer for packet 0x%04X with size %u, but must be size %d\n", cmd, last_head_size, packet_len); Assert_retv(0); } } @@ -2123,6 +2139,7 @@ void socket_defaults(void) sockt->realloc_fifo = realloc_fifo; sockt->realloc_writefifo = realloc_writefifo; sockt->wfifoset = wfifoset; + sockt->wfifohead = wfifohead; sockt->rfifoskip = rfifoskip; sockt->close = socket_close; /* */ diff --git a/src/common/socket.h b/src/common/socket.h index 2d497ebfc..c5d0e224e 100644 --- a/src/common/socket.h +++ b/src/common/socket.h @@ -41,11 +41,7 @@ struct config_setting_t; // socket I/O macros #define RFIFOHEAD(fd) -#define WFIFOHEAD(fd, size) \ - do{ \ - if ((fd) && sockt->session[fd]->wdata_size + (size) > sockt->session[fd]->max_wdata) \ - sockt->realloc_writefifo((fd), (size)); \ - } while(0) +#define WFIFOHEAD(fd, size) sockt->wfifohead(fd, size) #define RFIFOP(fd,pos) ((const void *)(sockt->session[fd]->rdata + sockt->session[fd]->rdata_pos + (pos))) #define WFIFOP(fd,pos) ((void *)(sockt->session[fd]->wdata + sockt->session[fd]->wdata_size + (pos))) 
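Review bot: `if (last_head_size < packet_len)` compares the unsigned `last_head_size` with the signed `int packet_len`, so a negative `packet_len` would be converted to a very large unsigned value and the result depends on the earlier branches having left it non-negative. Stating that in the condition removes the reliance and the sign-compare warning: `if (packet_len < 0 || last_head_size < (uint)packet_len) {`. This check also runs when the packet is committed, after `WFIFOW(fd, 0)` shows the bytes are already in the buffer, so it reports an under-sized `WFIFOHEAD` reservation after the fact rather than preventing a write past it. A one-line comment saying it is a diagnostic would keep it from being read as a bounds check. The function begins outside this hunk.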
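Review bot: The new `WFIFOHEAD` definition in the socket.h hunk expands to a bare `sockt->wfifohead(fd, size)` with neither the arguments nor the whole expansion parenthesized, while the sibling macros in this header wrap the call, as in `(sockt->wfifoset(fd, len, true))`. An argument containing a comma operator or a low-precedence expression would then parse differently from what the caller wrote. Writing it as `#define WFIFOHEAD(fd, size) (sockt->wfifohead((fd), (size)))` matches the rest of the file.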
@@ -132,6 +128,7 @@ struct socket_data { size_t max_rdata, max_wdata; size_t rdata_size, wdata_size; size_t rdata_pos; + uint last_head_size; time_t rdata_tick; // time of last recv (for detecting timeouts); zero when timeout is disabled RecvFunc func_recv; @@ -205,6 +202,7 @@ struct socket_interface { int (*realloc_fifo) (int fd, unsigned int rfifo_size, unsigned int wfifo_size); int (*realloc_writefifo) (int fd, size_t addition); int (*wfifoset) (int fd, size_t len, bool validate); + void (*wfifohead) (int fd, size_t len); int (*rfifoskip) (int fd, size_t len); void (*close) (int fd); void (*validateWfifo) (int fd, size_t len); -- cgit v1.2.3-60-g2f50 From 7904cecc22e4008f7862eaad8162a72a28595521 Mon Sep 17 00:00:00 2001 From: Andrei Karas Date: Tue, 13 Nov 2018 20:52:46 +0300 Subject: Update visual studio project files. --- configure | 2 +- src/common/socket.c | 6 +++--- src/common/socket.h | 2 +- vcproj-12/char-server.vcxproj | 1 + vcproj-12/char-server.vcxproj.filters | 3 +++ vcproj-12/login-server.vcxproj | 1 + vcproj-12/login-server.vcxproj.filters | 3 +++ vcproj-12/map-server.vcxproj | 1 + vcproj-12/map-server.vcxproj.filters | 3 +++ vcproj-14/char-server.vcxproj | 1 + vcproj-14/char-server.vcxproj.filters | 3 +++ vcproj-14/login-server.vcxproj | 1 + vcproj-14/login-server.vcxproj.filters | 3 +++ vcproj-14/map-server.vcxproj | 1 + vcproj-14/map-server.vcxproj.filters | 3 +++ vcproj-15/char-server.vcxproj | 1 + vcproj-15/char-server.vcxproj.filters | 3 +++ vcproj-15/login-server.vcxproj | 1 + vcproj-15/login-server.vcxproj.filters | 3 +++ vcproj-15/map-server.vcxproj | 1 + vcproj-15/map-server.vcxproj.filters | 3 +++ 21 files changed, 41 insertions(+), 5 deletions(-) (limited to 'src/common/socket.h') diff --git a/configure b/configure index f585f787f..41b308828 100755 --- a/configure +++ b/configure 
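Review bot: `last_head_size` in `socket_data` holds a single reservation per session and has no comment, although `socket_validateWfifo` resets it to 0 on every validated send. If any caller issues one `WFIFOHEAD` and then commits several packets with separate `WFIFOSET` calls, the second commit will see 0 and report "Reserved too small packet buffer" even though the space was reserved; whether such callers exist is not visible in this patch. The field should document that contract, e.g. `uint last_head_size; // size given to the latest WFIFOHEAD; cleared by validateWfifo, so one WFIFOHEAD per WFIFOSET`.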
@@ -1,5 +1,5 @@ #! /bin/sh -# From configure.ac 26efcebad. +# From configure.ac e207bf99b. # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69. # diff --git a/src/common/socket.c b/src/common/socket.c index f9ee16bf9..025776172 100644 --- a/src/common/socket.c +++ b/src/common/socket.c @@ -817,7 +817,7 @@ static int rfifoskip(int fd, size_t len) const size_t lenRest = RFIFOREST(fd); if (s->flag.validate == 1 && len == lenRest) { if (lenRest >= 2) { - const uint cmd = (uint)RFIFOW(fd, 0); + const uint32 cmd = (uint32)RFIFOW(fd, 0); if (cmd < MIN_PACKET_DB || cmd > MAX_PACKET_DB) { ShowError("Skip wrong packet id: 0x%04X\n", cmd); Assert_report(0); @@ -2102,8 +2102,8 @@ static void socket_validateWfifo(int fd, size_t len) Assert_retv(0); return; } - const uint cmd = (uint)WFIFOW(fd, 0); - const uint last_head_size = sockt->session[fd]->last_head_size; + const uint32 cmd = (uint32)WFIFOW(fd, 0); + const uint32 last_head_size = sockt->session[fd]->last_head_size; sockt->session[fd]->last_head_size = 0; if (cmd < MIN_PACKET_DB || cmd > MAX_PACKET_DB) { diff --git a/src/common/socket.h b/src/common/socket.h index c5d0e224e..5e4251989 100644 --- a/src/common/socket.h +++ b/src/common/socket.h @@ -128,7 +128,7 @@ struct socket_data { size_t max_rdata, max_wdata; size_t rdata_size, wdata_size; size_t rdata_pos; - uint last_head_size; + uint32 last_head_size; time_t rdata_tick; // time of last recv (for detecting timeouts); zero when timeout is disabled RecvFunc func_recv; diff --git a/vcproj-12/char-server.vcxproj b/vcproj-12/char-server.vcxproj index 411191400..284f38239 100644 --- a/vcproj-12/char-server.vcxproj +++ b/vcproj-12/char-server.vcxproj @@ -206,6 +206,7 @@ + diff --git a/vcproj-12/char-server.vcxproj.filters b/vcproj-12/char-server.vcxproj.filters index 52d3bde16..ab023a77f 100644 --- a/vcproj-12/char-server.vcxproj.filters +++ b/vcproj-12/char-server.vcxproj.filters @@ -7,6 +7,9 @@ common + + common + common 
diff --git a/vcproj-12/login-server.vcxproj b/vcproj-12/login-server.vcxproj index 060460923..325fe53c8 100644 --- a/vcproj-12/login-server.vcxproj +++ b/vcproj-12/login-server.vcxproj @@ -203,6 +203,7 @@ + diff --git a/vcproj-12/login-server.vcxproj.filters b/vcproj-12/login-server.vcxproj.filters index 1f3b6ba0f..301950f0d 100644 --- a/vcproj-12/login-server.vcxproj.filters +++ b/vcproj-12/login-server.vcxproj.filters @@ -22,6 +22,9 @@ common + + common + common diff --git a/vcproj-12/map-server.vcxproj b/vcproj-12/map-server.vcxproj index 4756cca2a..3435ec4b6 100644 --- a/vcproj-12/map-server.vcxproj +++ b/vcproj-12/map-server.vcxproj @@ -232,6 +232,7 @@ + diff --git a/vcproj-12/map-server.vcxproj.filters b/vcproj-12/map-server.vcxproj.filters index e3bf78fb9..8457ddf5f 100644 --- a/vcproj-12/map-server.vcxproj.filters +++ b/vcproj-12/map-server.vcxproj.filters @@ -124,6 +124,9 @@ common + + common + common diff --git a/vcproj-14/char-server.vcxproj b/vcproj-14/char-server.vcxproj index 692210a15..bc5014b9c 100644 --- a/vcproj-14/char-server.vcxproj +++ b/vcproj-14/char-server.vcxproj @@ -205,6 +205,7 @@ + diff --git a/vcproj-14/char-server.vcxproj.filters b/vcproj-14/char-server.vcxproj.filters index 52d3bde16..ab023a77f 100644 --- a/vcproj-14/char-server.vcxproj.filters +++ b/vcproj-14/char-server.vcxproj.filters @@ -7,6 +7,9 @@ common + + common + common diff --git a/vcproj-14/login-server.vcxproj b/vcproj-14/login-server.vcxproj index 42f71c1a0..3b5e13373 100644 --- a/vcproj-14/login-server.vcxproj +++ b/vcproj-14/login-server.vcxproj @@ -201,6 +201,7 @@ + diff --git a/vcproj-14/login-server.vcxproj.filters b/vcproj-14/login-server.vcxproj.filters index 1f3b6ba0f..301950f0d 100644 --- a/vcproj-14/login-server.vcxproj.filters +++ b/vcproj-14/login-server.vcxproj.filters @@ -22,6 +22,9 @@ common + + common + common diff --git a/vcproj-14/map-server.vcxproj b/vcproj-14/map-server.vcxproj index ae834de75..fca2a7826 100644 --- a/vcproj-14/map-server.vcxproj 
+++ b/vcproj-14/map-server.vcxproj @@ -230,6 +230,7 @@ + diff --git a/vcproj-14/map-server.vcxproj.filters b/vcproj-14/map-server.vcxproj.filters index 9bf13d9f7..49099de50 100644 --- a/vcproj-14/map-server.vcxproj.filters +++ b/vcproj-14/map-server.vcxproj.filters @@ -121,6 +121,9 @@ common + + common + common diff --git a/vcproj-15/char-server.vcxproj b/vcproj-15/char-server.vcxproj index ad4de5be4..253437275 100644 --- a/vcproj-15/char-server.vcxproj +++ b/vcproj-15/char-server.vcxproj @@ -205,6 +205,7 @@ + diff --git a/vcproj-15/char-server.vcxproj.filters b/vcproj-15/char-server.vcxproj.filters index 52d3bde16..ab023a77f 100644 --- a/vcproj-15/char-server.vcxproj.filters +++ b/vcproj-15/char-server.vcxproj.filters @@ -7,6 +7,9 @@ common + + common + common diff --git a/vcproj-15/login-server.vcxproj b/vcproj-15/login-server.vcxproj index 0f03acabc..9f372373b 100644 --- a/vcproj-15/login-server.vcxproj +++ b/vcproj-15/login-server.vcxproj @@ -202,6 +202,7 @@ + diff --git a/vcproj-15/login-server.vcxproj.filters b/vcproj-15/login-server.vcxproj.filters index 1f3b6ba0f..301950f0d 100644 --- a/vcproj-15/login-server.vcxproj.filters +++ b/vcproj-15/login-server.vcxproj.filters @@ -22,6 +22,9 @@ common + + common + common diff --git a/vcproj-15/map-server.vcxproj b/vcproj-15/map-server.vcxproj index fb9d57e9c..ac24ce2a2 100644 --- a/vcproj-15/map-server.vcxproj +++ b/vcproj-15/map-server.vcxproj @@ -231,6 +231,7 @@ + diff --git a/vcproj-15/map-server.vcxproj.filters b/vcproj-15/map-server.vcxproj.filters index 8c91df7c7..d616f0cbc 100644 --- a/vcproj-15/map-server.vcxproj.filters +++ b/vcproj-15/map-server.vcxproj.filters @@ -124,6 +124,9 @@ common + + common + common -- cgit v1.2.3-60-g2f50