Unsafe code in Network messages

[xezon]

Unsafe code in Network messages

UnsignedInt dataLength = 0;
memcpy(&dataLength, data + i, sizeof(dataLength)); // safe, but...
i += sizeof(dataLength);

UnsignedByte *buf = NEW UnsignedByte[dataLength]; // CRASH, if sender gives us a dataLength of 2 GB.
memcpy(buf, data + i, dataLength);
i += dataLength;

[Mauller]

Going to look at this soon with a reasonable max size limit of a few hundred megabytes or so.

[xezon]

Hundred megabytes are still insane 😛