Fixed String Parsing crash bug
Check string length against actual remaining data, not an abitary constant
This commit is contained in:
parent
eb87214f6d
commit
9e6161305d
@ -91,11 +91,7 @@ bool cParsedNBT::ReadString(size_t & a_StringStart, size_t & a_StringLen)
|
|||||||
NEEDBYTES(2);
|
NEEDBYTES(2);
|
||||||
a_StringStart = m_Pos + 2;
|
a_StringStart = m_Pos + 2;
|
||||||
a_StringLen = static_cast<size_t>(GetBEShort(m_Data + m_Pos));
|
a_StringLen = static_cast<size_t>(GetBEShort(m_Data + m_Pos));
|
||||||
if (a_StringLen > 0xffff)
|
NEEDBYTES(a_StringLen);
|
||||||
{
|
|
||||||
// Suspicious string length
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
m_Pos += 2 + a_StringLen;
|
m_Pos += 2 + a_StringLen;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user