From 7c82cd82d7216299ca7a2497f4bc318f3532650a Mon Sep 17 00:00:00 2001
From: iTrooz
Date: Sat, 25 Jan 2025 20:19:19 +0100
Subject: [PATCH] use m_responseReadState to avoid calling parseResponse() (as a failsafe for malicious/bad server responses)
Signed-off-by: iTrooz
---
 launcher/ui/pages/instance/McClient.cpp | 12 +++++++++---
 launcher/ui/pages/instance/McClient.h | 4 ++++
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/launcher/ui/pages/instance/McClient.cpp b/launcher/ui/pages/instance/McClient.cpp
index 05d4ac31a..3ed6a7665 100644
--- a/launcher/ui/pages/instance/McClient.cpp
+++ b/launcher/ui/pages/instance/McClient.cpp
@@ -46,18 +46,24 @@ void McClient::sendRequest() {
 writePacketToSocket(data); // send status packet
 }
-// Accumulate data until we have a full response, then call parseResponse()
+// Accumulate data until we have a full response, then call parseResponse() once
 void McClient::readRawResponse() {
+ if (m_responseReadState == 2) {
+ return;
+ }
+
 m_resp.append(m_socket.readAll());
- if (m_wantedRespLength == 0 && m_resp.size() >= 5) {
+ if (m_responseReadState == 0 && m_resp.size() >= 5) {
 m_wantedRespLength = readVarInt(m_resp);
+ m_responseReadState = 1;
 }
- if (m_wantedRespLength != 0 && m_resp.size() >= m_wantedRespLength) {
+ if (m_responseReadState == 1 && m_resp.size() >= m_wantedRespLength) {
 if (m_resp.size() > m_wantedRespLength) {
 qDebug() << "Warning: Packet length doesn't match actual packet size (" << m_wantedRespLength << " expected vs " << m_resp.size() << " received)";
 }
 parseResponse();
+ m_responseReadState = 2;
 }
 }
diff --git a/launcher/ui/pages/instance/McClient.h b/launcher/ui/pages/instance/McClient.h
index 55d0350d1..11983eaa8 100644
--- a/launcher/ui/pages/instance/McClient.h
+++ b/launcher/ui/pages/instance/McClient.h
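Review bot: `m_wantedRespLength` in `readRawResponse()` is taken straight from the server's VarInt and is never bounded, so a server that declares a very large length and keeps sending makes `m_resp` grow until that length is reached. The state machine added here stops the repeated `parseResponse()` call but not this accumulation. Consider rejecting oversized declarations right after the `readVarInt(m_resp)` line, e.g. `if (m_wantedRespLength > kMaxStatusResponseBytes) { /* fail and close the socket */ return; }`, where `kMaxStatusResponseBytes` is a new constant to be chosen for this client (placeholder name). Separately, the early `return` for state 2 no longer drains `m_socket`; if `parseResponse()` does not close the connection (not visible in this hunk), late bytes will stay in the socket's read buffer, so closing or discarding them there is worth confirming.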
@@ -15,6 +15,10 @@ class McClient : public QObject {
 short m_port;
 QTcpSocket m_socket;
+ // 0: did not start reading the response yet
+ // 1: read the response length, still reading the response
+ // 2: finished reading the response
+ unsigned m_responseReadState = 0;
 unsigned m_wantedRespLength = 0;
 QByteArray m_resp;
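Review bot: The three states of `m_responseReadState` are bare integers explained only by the comment above the member, and McClient.cpp compares against the literals `0`, `1` and `2`, so a mistyped or out-of-range state would compile silently. A scoped enum would carry the comment's meaning in the names, for example `enum class ResponseReadState { NotStarted, ReadingBody, Finished };` with `ResponseReadState m_responseReadState = ResponseReadState::NotStarted;`. The class body continues outside this hunk.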