diff --git a/src/CNLoginServer.cpp b/src/CNLoginServer.cpp
index 6706006..1b3b255 100644
--- a/src/CNLoginServer.cpp
+++ b/src/CNLoginServer.cpp
@@ -135,7 +135,7 @@ void CNLoginServer::handlePacket(CNSocket* sock, CNPacketData* data) {
 }
 } else {
 INITSTRUCT(sP_LS2CL_REP_LOGIN_FAIL, resp);
- U8toU16(userLogin, resp.szID);
+ U8toU16(userLogin, resp.szID, sizeof(resp.szID));
 resp.iErrorCode = errorCode;
 sock->sendPacket((void*)&resp, P_LS2CL_REP_LOGIN_FAIL, sizeof(sP_LS2CL_REP_LOGIN_FAIL));
 }
diff --git a/src/CNStructs.hpp b/src/CNStructs.hpp
index 9f87bb6..84e1d89 100644
--- a/src/CNStructs.hpp
+++ b/src/CNStructs.hpp
@@ -31,7 +31,7 @@
 // TODO: rewrite U16toU8 & U8toU16 to not use codecvt
 std::string U16toU8(char16_t* src);
-size_t U8toU16(std::string src, char16_t* des); // returns number of char16_t that was written at des
+size_t U8toU16(std::string src, char16_t* des, size_t max); // returns number of char16_t that was written at des
 time_t getTime();
 time_t getTimestamp();
diff --git a/src/ChatManager.cpp b/src/ChatManager.cpp
index 8b6686b..57e3a1b 100644
--- a/src/ChatManager.cpp
+++ b/src/ChatManager.cpp
@@ -246,7 +246,7 @@ void ChatManager::sendServerMessage(CNSocket* sock, std::string msg) {
 motd.iType = 1;
 // convert string to u16 and write it to the buffer (TODO: add sanity check to prevent buffer overflow)
- U8toU16(msg, (char16_t*)motd.szSystemMsg);
+ U8toU16(msg, (char16_t*)motd.szSystemMsg, sizeof(motd.szSystemMsg));
 // send the packet :)
 sock->sendPacket((void*)&motd, P_FE2CL_PC_MOTD_LOGIN, sizeof(sP_FE2CL_PC_MOTD_LOGIN));
diff --git a/src/Database.cpp b/src/Database.cpp
index 8480f66..7e3b699 100644
--- a/src/Database.cpp
+++ b/src/Database.cpp
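Review bot: `sizeof(resp.szID)` hands U8toU16 a byte count, but the implementation added in this commit's src/main.cpp hunk is inconsistent about the unit: it compares `sizeof(char16_t) * tmp.length() > max` as if `max` were bytes, then on the truncating branch copies `sizeof(char16_t) * max` bytes — twice the capacity of `szID` — and still writes the terminator at `des[tmp.length()]`, the untruncated length, so the over-long case the check was added for still writes past the buffer. The same byte-count argument is passed in the ChatManager.cpp, Database.cpp (`szFirstName` and `szLastName`) and TransportManager.cpp hunks. Settle on one unit and document it at the declaration in CNStructs.hpp, e.g. `// max: capacity of des in char16_t, including the terminator`; under that contract this call becomes `U8toU16(userLogin, resp.szID, sizeof(resp.szID) / sizeof(char16_t));` and the implementation must clamp the copied length to `max - 1` before placing the terminator and return the clamped count rather than `tmp.length()`. handlePacket's body starts and ends outside this hunk, and the main.cpp hunk is cut off in this view.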
@@ -425,14 +425,14 @@ Player Database::DbToPlayer(DbPlayer player) {
 result.PCStyle.iClass = player.Class;
 result.PCStyle.iEyeColor = player.EyeColor;
 result.PCStyle.iFaceStyle = player.FaceStyle;
- U8toU16(player.FirstName, result.PCStyle.szFirstName);
+ U8toU16(player.FirstName, result.PCStyle.szFirstName, sizeof(result.PCStyle.szFirstName));
 result.PCStyle.iGender = player.Gender;
 result.PCStyle.iHairColor = player.HairColor;
 result.PCStyle.iHairStyle = player.HairStyle;
 result.PCStyle.iHeight = player.Height;
 result.HP = player.HP;
 result.accountLevel = player.AccountLevel;
- U8toU16(player.LastName, result.PCStyle.szLastName);
+ U8toU16(player.LastName, result.PCStyle.szLastName, sizeof(result.PCStyle.szLastName));
 result.level = player.Level;
 result.PCStyle.iNameCheck = player.NameCheck;
 result.PCStyle2.iPayzoneFlag = player.PayZoneFlag;
diff --git a/src/TransportManager.cpp b/src/TransportManager.cpp
index ab3fc9e..1ffaf92 100644
--- a/src/TransportManager.cpp
+++ b/src/TransportManager.cpp
@@ -162,7 +162,7 @@ void TransportManager::transportWarpHandler(CNSocket* sock, CNPacketData* data)
 INITSTRUCT(sP_FE2CL_ANNOUNCE_MSG, alert);
 alert.iAnnounceType = 0; // don't think this lets us make a confirm dialog
 alert.iDuringTime = 3;
- U8toU16("Skyway route " + std::to_string(route.mssRouteNum) + " isn't pathed yet. You will not be charged any taros.", (char16_t*)alert.szAnnounceMsg);
+ U8toU16("Skyway route " + std::to_string(route.mssRouteNum) + " isn't pathed yet. You will not be charged any taros.", (char16_t*)alert.szAnnounceMsg, sizeof(alert.szAnnounceMsg));
 sock->sendPacket((void*)&alert, P_FE2CL_ANNOUNCE_MSG, sizeof(sP_FE2CL_ANNOUNCE_MSG));
 std::cout << "[WARN] MSS route " << route.mssRouteNum << " not pathed" << std::endl;
diff --git a/src/main.cpp b/src/main.cpp
index 02dcccc..3ad96e4 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -131,12 +131,15 @@ std::string U16toU8(char16_t* src) { } // returns number of char16_t that was written at des -size_t U8toU16(std::string src, char16_t* des) { +size_t U8toU16(std::string src, char16_t* des, size_t max) { std::wstring_convert,char16_t> convert; std::u16string tmp = convert.from_bytes(src); // copy utf16 string to buffer - memcpy(des, tmp.c_str(), sizeof(char16_t) * tmp.length()); + if (sizeof(char16_t) * tmp.length() > max) // make sure we don't write outside the buffer + memcpy(des, tmp.c_str(), sizeof(char16_t) * max); + else + memcpy(des, tmp.c_str(), sizeof(char16_t) * tmp.length()); des[tmp.length()] = '\0'; return tmp.length();