phaneron/Kelsidavis-WoWee
1
0
Fork 0
mirror of https://github.com/Kelsidavis/WoWee.git synced 2026-03-22 23:30:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Cap auction count in AuctionListResultParser

Browse source 
SMSG_AUCTION_LIST_RESULT (Classic/TBC/WotLK) improvements:
- Cap auction count to 256 (prevents unbounded memory allocation)
- Each entry is 80-104 bytes depending on expansion
- Prevents DoS from servers sending huge auction lists
- Log warning when cap is reached

Prevents memory exhaustion from malformed auction house packets.
This commit is contained in:
Kelsi 2026-03-11 14:37:27 -07:00
parent 6e94a3345f
commit b699557597
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/game/world_packets.cpp
View file

@ -4976,6 +4976,13 @@ bool AuctionListResultParser::parse(network::Packet& packet, AuctionListResult&
if (packet.getSize() - packet.getReadPos() < 4) return false;
uint32_t count = packet.readUInt32();
// Cap auction count to prevent unbounded memory allocation
const uint32_t MAX_AUCTION_RESULTS = 256;
if (count > MAX_AUCTION_RESULTS) {
LOG_WARNING("AuctionListResultParser: count capped (requested=", count, ")");
count = MAX_AUCTION_RESULTS;
}
data.auctions.clear();
data.auctions.reserve(count);