redstrate/kawari
1
Fork 0
mirror of https://github.com/redstrate/Kawari.git synced 2025-07-10 16:07:45 +00:00
Code Activity

Bounds check the string parts vecs.

Browse source 
Fix off by one error

Style nit.
This commit is contained in:
The Dax 2025-07-03 07:05:55 -04:00 committed by Joshua Goins
parent b3c954ed83
commit 1c7570c696
2 changed files with 23 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
src/bin/kawari-lobby.rs
View file

@ -24,7 +24,10 @@ use tokio::net::TcpListener;
/// If, and only if, all of these checks pass, does the client get allowed in. /// If, and only if, all of these checks pass, does the client get allowed in.
fn do_game_version_check(client_version_str: &str) -> bool { fn do_game_version_check(client_version_str: &str) -> bool {
let config = get_config(); let config = get_config();
const VERSION_STR_LEN: usize = 145; const VERSION_STR_LEN: usize = 144;
const VER_PARTS_LEN: usize = 6;
const EXE_PARTS_LEN: usize = 3;
let exe_name: String = "ffxiv_dx11.exe".to_string();
if client_version_str.len() != VERSION_STR_LEN { if client_version_str.len() != VERSION_STR_LEN {
tracing::error!( tracing::error!(
@ -37,15 +40,31 @@ fn do_game_version_check(client_version_str: &str) -> bool {
let game_exe_path = [ let game_exe_path = [
config.game_location, config.game_location,
MAIN_SEPARATOR_STR.to_string(), MAIN_SEPARATOR_STR.to_string(),
"ffxiv_dx11.exe".to_string(), exe_name.to_string(),
] ]
.join(""); .join("");
if let Ok(game_md) = fs::metadata(&game_exe_path) { if let Ok(game_md) = fs::metadata(&game_exe_path) {
let expected_exe_len = game_md.len(); let expected_exe_len = game_md.len();
let parts: Vec<&str> = client_version_str.split("+").collect(); let parts: Vec<&str> = client_version_str.split("+").collect();
if parts[0].starts_with("ffxiv_dx11.exe") { if parts.len() != VER_PARTS_LEN {
tracing::error!(
"Client's version string is malformed, it doesn't contain enough parts! Rejecting session! Got {}, expected {}",
parts.len(),
VER_PARTS_LEN
);
return false;
}
if parts[0].starts_with(&exe_name) {
let exe_parts: Vec<&str> = parts[0].split("/").collect(); let exe_parts: Vec<&str> = parts[0].split("/").collect();
if exe_parts.len() != EXE_PARTS_LEN {
tracing::error!(
"Client's version string is malformed, the exe section doesn't contain enough parts! Rejecting session! Got {}, expected {}",
parts.len(),
EXE_PARTS_LEN
);
return false;
}
match exe_parts[1].parse::<u64>() { match exe_parts[1].parse::<u64>() {
Ok(client_exe_len) => { Ok(client_exe_len) => {
if client_exe_len != expected_exe_len { if client_exe_len != expected_exe_len {

2
src/ipc/lobby/mod.rs
View file

@ -117,7 +117,7 @@ pub enum ClientLobbyIpcData {
#[bw(ignore)] #[bw(ignore)]
session_id: String, session_id: String,
#[br(count = 145)] #[br(count = 144)]
#[br(map = read_string)] #[br(map = read_string)]
#[bw(ignore)] #[bw(ignore)]
version_info: String, version_info: String,