diff --git a/src/network/network_server.cpp b/src/network/network_server.cpp index b0f3a98c80..6cbfe21ba6 100644 --- a/src/network/network_server.cpp +++ b/src/network/network_server.cpp @@ -611,6 +611,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_COMPANY_INFO) DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_NEWGRFS_CHECKED) { + if (cs->status != STATUS_INACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + NetworkClientInfo *ci = DEREF_CLIENT_INFO(cs); /* We now want a password from the client else we do not allow him in! */ @@ -627,6 +633,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_NEWGRFS_CHECKED) DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_JOIN) { + if (cs->status != STATUS_INACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + char name[NETWORK_CLIENT_NAME_LENGTH]; char unique_id[NETWORK_UNIQUE_ID_LENGTH]; NetworkClientInfo *ci; @@ -1011,6 +1023,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_QUIT) DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_ACK) { + if (cs->status < STATUS_AUTH) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_AUTHORIZED); + return; + } + uint32 frame = p->Recv_uint32(); /* The client is trying to catch up with the server */ @@ -1139,6 +1157,12 @@ void NetworkServerSendChat(NetworkAction action, DestType desttype, int dest, co DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_CHAT) { + if (cs->status < STATUS_AUTH) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_AUTHORIZED); + return; + } + NetworkAction action = (NetworkAction)p->Recv_uint8(); DestType desttype = (DestType)p->Recv_uint8(); int dest = p->Recv_uint16(); @@ -1151,6 +1175,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_CHAT) DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_PASSWORD) { + if (cs->status != STATUS_ACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + char password[NETWORK_PASSWORD_LENGTH]; const NetworkClientInfo *ci; @@ -1164,6 +1194,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_PASSWORD) DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_NAME) { + if (cs->status != STATUS_ACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + char client_name[NETWORK_CLIENT_NAME_LENGTH]; NetworkClientInfo *ci;