From a54b259a3f20dac001c3aa543b2e0086b47607ef Mon Sep 17 00:00:00 2001 From: Alug Date: Tue, 21 Apr 2026 20:48:56 +0200 Subject: [PATCH] attempt to fix a plethora of buffer overflows when trying to connect to a server that does not exist MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ex: if you typo´d the serveraddress this really aint pretty but idk how to make things not turn into limbo hell otherwise --- src/d_clisrv.c | 14 ++++++++++++++ src/i_tcp.c | 8 ++++++++ 2 files changed, 22 insertions(+) diff --git a/src/d_clisrv.c b/src/d_clisrv.c index be32a6de0..62eaf7a81 100644 --- a/src/d_clisrv.c +++ b/src/d_clisrv.c @@ -2845,6 +2845,20 @@ static void Command_connect(void) } else CONS_Alert(CONS_ERROR, M_GetText("There is no network driver\n")); + + // invalid address + if (servernode == -1) + { + D_QuitNetGame(); // this will also call D_CloseConnection for us + CL_Reset(); + servernode = 0; // not sure if this is cool, but if this is -1 then bad things happen in alot of networking code + multiplayer = false; + netgame = false; + + D_StartTitle(); + M_StartMessage(M_GetText("Failed to connect to server\nMake sure you put in a valid Address!\n"), NULL, MM_NOTHING); + return; + } } CV_Set(&cv_lastserver, I_GetNodeAddress(servernode)); diff --git a/src/i_tcp.c b/src/i_tcp.c index 6644b3281..6393680a5 100644 --- a/src/i_tcp.c +++ b/src/i_tcp.c @@ -452,13 +452,21 @@ static const char *SOCK_GetNodeAddress(INT32 node) { if (node == 0) return "self"; + + if (node < 0 || node > MAXNETNODES) + return NULL; + if (!nodeconnected[node]) return NULL; + return SOCK_AddrToStr(&clientaddress[node]); } static UINT32 SOCK_GetNodeAddressInt(INT32 node) { + if (node < 0 || node > MAXNETNODES) + return 0; + if (nodeconnected[node] && clientaddress[node].any.sa_family == AF_INET) { return clientaddress[node].ip4.sin_addr.s_addr;