Merge pull request #579 from jengelh/dedi

Resolve out-of-bounds accesses with dedicated server code [ASAN] fixes #571
2025-01-22 11:28:56 +00:00 · 2024-09-09 13:33:29 +03:00 · 2024-09-09 13:33:29 +03:00 · c003a98835
commit c003a98835
parent 40aae150b3 b9fbee0e25
4 changed files with 9 additions and 7 deletions
--- a/Descent3/dedicated_server.cpp
+++ b/Descent3/dedicated_server.cpp
@ -328,7 +328,7 @@ int LoadServerConfigFile() {
  }

  if (GameArgs[t + 1][0]) {
-    strcpy(Netgame.server_config_name, GameArgs[t + 1]);
+    Netgame.server_config_name = GameArgs[t + 1];
  } else {
    PrintDedicatedMessage(TXT_DS_MISSINGCONFIG);
    PrintDedicatedMessage("\n");
@ -337,7 +337,7 @@ int LoadServerConfigFile() {

  //	open file
  if (!inf.Open(Netgame.server_config_name, "[server config file]", DedicatedServerLex)) {
-    PrintDedicatedMessage(TXT_DS_BADCONFIG, Netgame.server_config_name);
+    PrintDedicatedMessage(TXT_DS_BADCONFIG, Netgame.server_config_name.u8string().c_str());
    PrintDedicatedMessage("\n");
    return 0;
  }
@ -346,7 +346,8 @@ int LoadServerConfigFile() {
  while (inf.ReadLine()) {
    int cmd;

-    while ((cmd = inf.ParseLine(operand, INFFILE_LINELEN)) > INFFILE_ERROR) {
+    while ((cmd = inf.ParseLine(operand, INFFILE_LINELEN)) > INFFILE_ERROR &&
+           cmd != INFFILE_SYMBOL) {
      SetCVar(CVars[cmd].varname, operand, true);
    }
  }
--- a/Descent3/multi_external.h
+++ b/Descent3/multi_external.h
@ -121,6 +121,7 @@ typedef int HANDLE;
 #include "descent.h" //for MSN_NAMELEN
 #include "byteswap.h"
 #include <cassert>
+#include <filesystem>

 #define NETGAME_NAME_LEN 32
 #define NETGAME_SCRIPT_LEN 32
@ -249,7 +250,7 @@ struct netgame_info {
  char mission[MSN_NAMELEN];
  char mission_name[MISSION_NAME_LEN];
  char scriptname[NETGAME_SCRIPT_LEN];
-  char server_config_name[PAGENAME_LEN];
+  std::filesystem::path server_config_name;
  char connection_name[PAGENAME_LEN];
  network_address server_address; // The address of the server that we're talking to - not used if we are the server

--- a/cfile/inffile.cpp
+++ b/cfile/inffile.cpp
@ -60,7 +60,7 @@ void InfFile::FreeSymbols() {
  while ((sym = m_sym_list.start()) != 0) {
    sym = m_sym_list.unlink();
    if (sym->t.text)
-      delete sym->t.text;
+      delete[] sym->t.text;
    delete sym;
  }
 }
--- a/netcon/includes/mdllinit.h
+++ b/netcon/includes/mdllinit.h
@ -311,8 +311,8 @@ DLLNum_modems_found = (int *)API.vp[24];
 DLLUse_DirectPlay = (bool *)API.vp[22];
 #endif
 DLLDedicated_server = (bool *)API.vp[25];
-DLLTCP_active = (BOOL)*API.vp[26];
-DLLIPX_active = (BOOL)*API.vp[27];
+DLLTCP_active = *(bool *)API.vp[26];
+DLLIPX_active = *(bool *)API.vp[27];
 DLLnw_ListenPort = (uint16_t)((size_t)API.vp[28] & 0xffff);
 DLLMulti_Gamelist_changed = (bool *)API.vp[29];
 DLLPXO_hosted_lobby_name = (char *)API.vp[30];