# HG changeset patch # User rubidium # Date 1212914659 0 # Node ID 778ccd64c8ddd71415223124598de6eebae1e579 # Parent bca56684c5be0647c09875e1eb2509c665f112d6 (svn r13408) -Codechange: some stricter checking. diff --git a/src/network/network_server.cpp b/src/network/network_server.cpp --- a/src/network/network_server.cpp +++ b/src/network/network_server.cpp @@ -611,6 +611,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_NEWGRFS_CHECKED) { + if (cs->status != STATUS_INACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + NetworkClientInfo *ci = DEREF_CLIENT_INFO(cs); /* We now want a password from the client else we do not allow him in! */ @@ -627,6 +633,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_JOIN) { + if (cs->status != STATUS_INACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + char name[NETWORK_CLIENT_NAME_LENGTH]; char unique_id[NETWORK_UNIQUE_ID_LENGTH]; NetworkClientInfo *ci; @@ -1011,6 +1023,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_ACK) { + if (cs->status < STATUS_AUTH) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_AUTHORIZED); + return; + } + uint32 frame = p->Recv_uint32(); /* The client is trying to catch up with the server */ @@ -1139,6 +1157,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_CHAT) { + if (cs->status < STATUS_AUTH) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_AUTHORIZED); + return; + } + NetworkAction action = (NetworkAction)p->Recv_uint8(); DestType desttype = (DestType)p->Recv_uint8(); int dest = p->Recv_uint16(); @@ -1151,6 +1175,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_PASSWORD) { + if (cs->status != STATUS_ACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + char password[NETWORK_PASSWORD_LENGTH]; const NetworkClientInfo *ci; @@ -1164,6 +1194,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_SET_NAME) { + if (cs->status != STATUS_ACTIVE) { + /* Illegal call, return error and ignore the packet */ + SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_NOT_EXPECTED); + return; + } + char client_name[NETWORK_CLIENT_NAME_LENGTH]; NetworkClientInfo *ci;