phaneron/Kelsidavis-WoWee
1
0
Fork 0
mirror of https://github.com/Kelsidavis/WoWee.git synced 2026-03-27 01:00:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
Kelsidavis-WoWee/src/game
History
Kelsi e464300346 Add pointCount cap to SMSG_MONSTER_MOVE spline parsing 
Improve robustness of monster move spline parsing by capping the pointCount
field to prevent excessive iteration from malformed or malicious packets.

- WotLK: Cap pointCount to 1000 waypoints (realistic maximum for movement)
- Vanilla (Turtle): Reduce existing cap from 16384 to 1000 and add warning
  logging when cap is applied
- Both variants now log warnings when cap is exceeded, including guid context

A malicious or corrupted server sending an unrealistic pointCount value (e.g.
uint32_max) could previously cause the client to allocate excessive memory or
iterate excessively. The 1000-waypoint cap aligns with realistic movement
paths while protecting against DoS vectors.

Part of ongoing Tier 2 work to improve multi-expansion packet parsing robustness.
2026-03-11 14:13:09 -07:00
..
character.cpp Add body type selection for nonbinary characters and reduce preview rotation sensitivity 2026-02-09 17:56:04 -08:00
entity.cpp Fix transport/WMO diagnostics and terrain WMO dedup lifecycle 2026-02-18 22:36:34 -08:00
expansion_profile.cpp Unify asset system: one asset set, always high-res 2026-02-15 04:18:34 -08:00
game_handler.cpp fix: correct Classic/TBC loot packet format parsing (missing randomSuffix/randomPropId) 2026-03-11 05:09:43 -07:00
inventory.cpp Fix shutdown hangs, bank bag icons/drag-drop, loading screen progress, and login spawn 2026-02-26 13:38:29 -08:00
opcode_table.cpp Opcode registry: move to generated canonical+alias pipeline 2026-02-20 03:02:31 -08:00
opcodes.cpp Initial commit: wowee native WoW 3.3.5a client 2026-02-02 13:03:22 -08:00
packet_parsers_classic.cpp Add packet size validation to SMSG_GAMEOBJECT_QUERY_RESPONSE parsing 2026-03-11 14:11:45 -07:00
packet_parsers_tbc.cpp Add packet size validation to SMSG_ITEM_QUERY_SINGLE_RESPONSE parsing 2026-03-11 14:08:59 -07:00
player.cpp Initial commit: wowee native WoW 3.3.5a client 2026-02-02 13:03:22 -08:00
transport_manager.cpp Fix Deeprun Tram: visual movement, direction, and player riding 2026-03-06 23:01:11 -08:00
update_field_table.cpp feat: track UNIT_FIELD_STAT0-4 from server update fields for accurate character stats 2026-03-10 23:08:15 -07:00
warden_crypto.cpp Fix CodeQL weak-crypto suppressions: switch lgtm to codeql inline format 2026-02-19 17:06:49 -08:00
warden_emulator.cpp ui,game,pipeline: player nameplates always-on, level-up ring effect, vanilla tile fallback, warden null guard 2026-03-10 07:25:04 -07:00
warden_memory.cpp Make this compatible to build with MSVS 2022 2026-02-23 16:30:49 +01:00
warden_module.cpp Fix Warden module parse fallback and macOS FMOD integrity aliases 2026-02-25 09:26:34 -08:00
world.cpp Clarify World stub methods: terrain/entity state lives in subsystems 2026-03-09 15:54:43 -07:00
world_packets.cpp Add pointCount cap to SMSG_MONSTER_MOVE spline parsing 2026-03-11 14:13:09 -07:00
zone_manager.cpp Enrich zone music from AreaTable/ZoneMusic/SoundEntries DBC chain 2026-03-09 16:04:52 -07:00