From 523ba1ff50dfaee79036c03d83ee6d64475cbd37 Mon Sep 17 00:00:00 2001 From: truelight Date: Thu, 16 Dec 2004 11:35:08 +0000 Subject: [PATCH] (svn r1127) -Fix: [Network] Protect the network against an illegal PLAYER_CTRL (in which a modified client could, for example, delete a random active company) --- network_server.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/network_server.c b/network_server.c index 29402bf4fc..c6f655d7bf 100644 --- a/network_server.c +++ b/network_server.c @@ -775,14 +775,21 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_COMMAND) ci = DEREF_CLIENT_INFO(cs); // Only CMD_PLAYER_CTRL is always allowed, for the rest, playas needs // to match the player in the packet - if (cp->cmd != CMD_PLAYER_CTRL && ci->client_playas-1 != cp->player) { + if (!(cp->cmd == CMD_PLAYER_CTRL && cp->p1 == 0) && ci->client_playas-1 != cp->player) { // The player did a command with the wrong player_id.. bad!! SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_PLAYER_MISMATCH); return; } if (cp->cmd == CMD_PLAYER_CTRL) { - // UGLY! p2 is mis-used to get the client-id in CmdPlayerCtrl - cp->p2 = cs - _clients; + if (cp->p1 == 0) + // UGLY! p2 is mis-used to get the client-id in CmdPlayerCtrl + cp->p2 = cs - _clients; + else { + /* We do NOT allow any client to send any PLAYER_CTRL packet.. + (they can delete random players with it if they like */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_PLAYER_MISMATCH); + return; + } }