Ver código fonte

Sicherheitslücke geschlossen

Kolja Strohm 6 anos atrás
pai
commit
49bc20a9f1
1 arquivos alterados com 23 adições e 23 exclusões
  1. 23 23
      AppServer/AppServer.cpp

+ 23 - 23
AppServer/AppServer.cpp

@@ -225,14 +225,14 @@ void AppSAKlient::thread()
                 if( 1 )
                 {
                     klient->sendeEncrypted( "\1", 1 );
-                    char nLen = 0;
-                    klient->getNachrichtEncrypted( &nLen, 1 );
+                    unsigned char nLen = 0;
+                    klient->getNachrichtEncrypted( (char*)&nLen, 1 );
                     char *n = new char[ nLen + 1 ];
                     n[ (int)nLen ] = 0;
                     if( nLen )
                         klient->getNachrichtEncrypted( n, nLen );
-                    char pLen = 0;
-                    klient->getNachrichtEncrypted( &pLen, 1 );
+                    unsigned char pLen = 0;
+                    klient->getNachrichtEncrypted( (char*)&pLen, 1 );
                     char *p = new char[ pLen + 1 ];
                     p[ (int)pLen ] = 0;
                     if( pLen )
@@ -441,13 +441,13 @@ void AppSKlient::thread()
                 if( 1 )
                 {
                     klient->sendeEncrypted( "\1", 1 );
-                    char l = 0;
-                    klient->getNachrichtEncrypted( &l, 1 );
+                    unsigned char l = 0;
+                    klient->getNachrichtEncrypted( (char*)&l, 1 );
                     char *name = new char[ l + 1 ];
                     name[ (int)l ] = 0;
                     if( l )
                         klient->getNachrichtEncrypted( name, l );
-                    klient->getNachrichtEncrypted( &l, 1 );
+                    klient->getNachrichtEncrypted( (char*)&l, 1 );
                     char *passwort = new char[ l + 1 ];
                     passwort[ (int)l ] = 0;
                     if( l )
@@ -842,8 +842,8 @@ void AppSKlient::thread()
                         appS->zDB()->markballsFinish( level, sek, accountId, 0, 0, 0, 0 );
                     else
                     {
-                        char l = 0;
-                        klient->getNachrichtEncrypted( &l, 1 );
+                        unsigned char l = 0;
+                        klient->getNachrichtEncrypted( (char*)&l, 1 );
                         char *device = new char[ l + 1 ];
                         device[ (int)l ] = 0;
                         klient->getNachrichtEncrypted( device, l );
@@ -882,18 +882,18 @@ void AppSKlient::thread()
                 if( 1 )
                 {
                     klient->sendeEncrypted( "\1", 1 );
-                    char l = 0;
-                    klient->getNachrichtEncrypted( &l, 1 );
+                    unsigned char l = 0;
+                    klient->getNachrichtEncrypted( (char*)&l, 1 );
                     char *name = new char[ l + 1 ];
                     name[ (int)l ] = 0;
                     if( l )
                         klient->getNachrichtEncrypted( name, l );
-                    klient->getNachrichtEncrypted( &l, 1 );
+                    klient->getNachrichtEncrypted( (char*)&l, 1 );
                     char *passwort = new char[ l + 1 ];
                     passwort[ (int)l ] = 0;
                     if( l )
                         klient->getNachrichtEncrypted( passwort, l );
-                    klient->getNachrichtEncrypted( &l, 1 );
+                    klient->getNachrichtEncrypted( (char*)&l, 1 );
                     char *device = new char[ l + 1 ];
                     device[ (int)l ] = 0;
                     if( l )
@@ -931,8 +931,8 @@ void AppSKlient::thread()
                     }
                     else
                     {
-                        char l = 0;
-                        klient->getNachrichtEncrypted( &l, 1 );
+                        unsigned char l = 0;
+                        klient->getNachrichtEncrypted( (char*)&l, 1 );
                         char *device = new char[ l + 1 ];
                         device[ (int)l ] = 0;
                         klient->getNachrichtEncrypted( device, l );
@@ -974,8 +974,8 @@ void AppSKlient::thread()
                         anz = appS->zDB()->getGegenstaende( accountId, 0, gId, diff );
                     else
                     {
-                        char l = 0;
-                        klient->getNachrichtEncrypted( &l, 1 );
+                        unsigned char l = 0;
+                        klient->getNachrichtEncrypted( (char*)&l, 1 );
                         char *device = new char[ l + 1 ];
                         device[ (int)l ] = 0;
                         klient->getNachrichtEncrypted( device, l );
@@ -1017,8 +1017,8 @@ void AppSKlient::thread()
                         anz = appS->zDB()->getMarkballsFortschritt( accountId, 0, fortschritt );
                     else
                     {
-                        char l = 0;
-                        klient->getNachrichtEncrypted( &l, 1 );
+                        unsigned char l = 0;
+                        klient->getNachrichtEncrypted( (char*)&l, 1 );
                         char *device = new char[ l + 1 ];
                         device[ (int)l ] = 0;
                         klient->getNachrichtEncrypted( device, l );
@@ -1037,18 +1037,18 @@ void AppSKlient::thread()
             case 31: // Global Login
             {
                 klient->sendeEncrypted( "\1", 1 );
-                char l = 0;
-                klient->getNachrichtEncrypted( &l, 1 );
+                unsigned char l = 0;
+                klient->getNachrichtEncrypted( (char*)&l, 1 );
                 char *name = new char[ l + 1 ];
                 name[ (int)l ] = 0;
                 if( l )
                     klient->getNachrichtEncrypted( name, l );
-                klient->getNachrichtEncrypted( &l, 1 );
+                klient->getNachrichtEncrypted( (char*)&l, 1 );
                 char *passwort = new char[ l + 1 ];
                 passwort[ (int)l ] = 0;
                 if( l )
                     klient->getNachrichtEncrypted( passwort, l );
-                klient->getNachrichtEncrypted( &l, 1 );
+                klient->getNachrichtEncrypted( (char*)&l, 1 );
                 char *device = new char[ l + 1 ];
                 device[ (int)l ] = 0;
                 if( l )