Browse Source

Sicherheitslücke geschlossen

Kolja Strohm 6 years ago
parent
commit
238e6011c6
2 changed files with 28 additions and 28 deletions
  1. 22 22
      InformationServer/InformationServer.cpp
  2. 6 6
      InformationServer/KartenLeser.cpp

+ 22 - 22
InformationServer/InformationServer.cpp

@@ -339,14 +339,14 @@ void ISAKlient::thread()
 				if( 1 )
 				{
 					klient->sendeEncrypted( "\1", 1 );
-					char nLen = 0;
-					klient->getNachrichtEncrypted( &nLen, 1 );
+					unsigned char nLen = 0;
+					klient->getNachrichtEncrypted( (char*)&nLen, 1 );
 					char *n = new char[ nLen + 1 ];
 					n[ (int)nLen ] = 0;
 					if( nLen )
 						klient->getNachrichtEncrypted( n, nLen );
-					char pLen = 0;
-					klient->getNachrichtEncrypted( &pLen, 1 );
+					unsigned char pLen = 0;
+					klient->getNachrichtEncrypted( (char*)&pLen, 1 );
 					char *p = new char[ pLen + 1 ];
 					p[ (int)pLen ] = 0;
 					if( pLen )
@@ -753,8 +753,8 @@ void ISKlient::thread()
 						break;
 					}
 					klient->sendeEncrypted( "\1", 1 );
-					char len = 0;
-					klient->getNachrichtEncrypted( &len, 1 );
+					unsigned char len = 0;
+					klient->getNachrichtEncrypted( (char*)&len, 1 );
 					char *name = new char[ len + 1 ];
 					name[ (int)len ] = 0;
 					klient->getNachrichtEncrypted( name, len );
@@ -772,8 +772,8 @@ void ISKlient::thread()
 						break;
 					}
 					klient->sendeEncrypted( "\1", 1 );
-					char len = 0;
-					klient->getNachrichtEncrypted( &len, 1 );
+					unsigned char len = 0;
+					klient->getNachrichtEncrypted( (char*)&len, 1 );
 					char *name = new char[ len + 1 ];
 					name[ (int)len ] = 0;
 					klient->getNachrichtEncrypted( name, len );
@@ -837,8 +837,8 @@ void ISKlient::thread()
 				else
 				{
 					klient->sendeEncrypted( "\1", 1 );
-					char len = 0;
-					klient->getNachrichtEncrypted( &len, 1 );
+					unsigned char len = 0;
+					klient->getNachrichtEncrypted( (char*)&len, 1 );
 					char *suche = new char[ len + 1 ];
 					suche[ (int)len ] = 0;
 					klient->getNachrichtEncrypted( suche, len );
@@ -859,19 +859,19 @@ void ISKlient::thread()
 						int accId = list.values[ i * 6 ];
 						klient->sendeEncrypted( (char*)&accId, 4 );
 						len = (char)list.values[ i * 6 + 1 ].getLength();
-						klient->sendeEncrypted( &len, 1 );
+						klient->sendeEncrypted( (char*)&len, 1 );
 						klient->sendeEncrypted( list.values[ i * 6 + 1 ], len );
 						len = (char)list.values[ i * 6 + 2 ].getLength();
-						klient->sendeEncrypted( &len, 1 );
+						klient->sendeEncrypted( (char*)&len, 1 );
 						klient->sendeEncrypted( list.values[ i * 6 + 2 ], len );
 						len = (char)list.values[ i * 6 + 3 ].getLength();
-						klient->sendeEncrypted( &len, 1 );
+						klient->sendeEncrypted( (char*)&len, 1 );
 						klient->sendeEncrypted( list.values[ i * 6 + 3 ], len );
 						len = (char)list.values[ i * 6 + 4 ].getLength();
-						klient->sendeEncrypted( &len, 1 );
+						klient->sendeEncrypted( (char*)&len, 1 );
 						klient->sendeEncrypted( list.values[ i * 6 + 4 ], len );
 						len = (char)list.values[ i * 6 + 5 ].getLength();
-						klient->sendeEncrypted( &len, 1 );
+						klient->sendeEncrypted( (char*)&len, 1 );
 						klient->sendeEncrypted( list.values[ i * 6 + 5 ], len );
 					}
 					list.destroy();
@@ -985,8 +985,8 @@ void ISKlient::thread()
 						break;
 					}
 					klient->sendeEncrypted( "\1", 1 );
-					char len = 0;
-					klient->getNachrichtEncrypted( &len, 1 );
+					unsigned char len = 0;
+					klient->getNachrichtEncrypted( (char*)&len, 1 );
 					if( len )
 					{
 						char *name = new char[ len + 1 ];
@@ -1007,8 +1007,8 @@ void ISKlient::thread()
 						break;
 					}
 					klient->sendeEncrypted( "\1", 1 );
-					char len = 0;
-					klient->getNachrichtEncrypted( &len, 1 );
+					unsigned char len = 0;
+					klient->getNachrichtEncrypted( (char*)&len, 1 );
 					if( len )
 					{
 						char *name = new char[ len + 1 ];
@@ -1494,7 +1494,7 @@ void ISKlient::thread()
 				if( klientNummer )
 				{
 					klient->sendeEncrypted( "\1", 1 );
-					char len = 0;
+					unsigned char len = 0;
 					klient->getNachrichtEncrypted( (char*)&len, 1 );
 					char *pf = new char[ len + 1 ];
 					pf[ (int)len ] = 0;
@@ -1555,8 +1555,8 @@ void ISKlient::thread()
 				else
 				{
 					klient->sendeEncrypted( "\1", 1 );
-					char filterLen = 0;
-					klient->getNachrichtEncrypted( &filterLen, 1 );
+					unsigned char filterLen = 0;
+					klient->getNachrichtEncrypted( (char*)&filterLen, 1 );
 					char *filter = new char[ filterLen + 1 ];
 					filter[ (int)filterLen ] = 0;
 					if( filterLen )

+ 6 - 6
InformationServer/KartenLeser.cpp

@@ -37,8 +37,8 @@ KartenLeser::KartenLeser( int karteId, InformationServer *is )
             klient->getNachrichtEncrypted( (char*)&anz, 4 );
             for( int i = 0; i < anz; i++ )
             {
-                char len = 0;
-                klient->getNachrichtEncrypted( &len, 1 );
+                unsigned char len = 0;
+                klient->getNachrichtEncrypted( (char*)&len, 1 );
                 if( !len )
                     continue;
                 char *pfa = new char[ len + 1 ];
@@ -69,8 +69,8 @@ KartenLeser::KartenLeser( int karteId, InformationServer *is )
     }
     if( ret == 3 )
     {
-        char byte = 0;
-        klient->getNachrichtEncrypted( &byte, 1 );
+        unsigned char byte = 0;
+        klient->getNachrichtEncrypted( (char*)&byte, 1 );
         char *f = new char[ byte + 1 ];
         f[ (int)byte ] = 0;
         klient->getNachrichtEncrypted( f, byte );
@@ -128,8 +128,8 @@ bool KartenLeser::ladeSpielerTeamStruktur( SpielerTeamStruktur *sts )
 	sts->teamName = new RCArray< Text >();
 	for( int i = 0; i < sts->teamAnzahl; i++ )
 	{
-		char len = 0;
-		datei->lese( &len, 1 );
+		unsigned char len = 0;
+		datei->lese( (char*)&len, 1 );
 		char *txt = new char[ len + 1 ];
 		txt[ (int)len ] = 0;
 		datei->lese( txt, len );