Selaa lähdekoodia

Sicherheitslücke geschlossen

Kolja Strohm 6 vuotta sitten
vanhempi
commit
9a9d38b1ad
2 muutettua tiedostoa jossa 12 lisäystä ja 12 poistoa
  1. 8 8
      ShopServer/ShopServer.cpp
  2. 4 4
      ShopServer/Updater.cpp

+ 8 - 8
ShopServer/ShopServer.cpp

@@ -345,14 +345,14 @@ void ShSAKlient::thread()
                 if( 1 )
                 {
                     klient->sendeEncrypted( "\1", 1 );
-                    char nLen = 0;
-                    klient->getNachrichtEncrypted( &nLen, 1 );
+                    unsigned char nLen = 0;
+                    klient->getNachrichtEncrypted( (char*)&nLen, 1 );
                     char *n = new char[ nLen + 1 ];
                     n[ (int)nLen ] = 0;
                     if( nLen )
                         klient->getNachrichtEncrypted( n, nLen );
-                    char pLen = 0;
-                    klient->getNachrichtEncrypted( &pLen, 1 );
+                    unsigned char pLen = 0;
+                    klient->getNachrichtEncrypted( (char*)&pLen, 1 );
                     char *p = new char[ pLen + 1 ];
                     p[ (int)pLen ] = 0;
                     if( pLen )
@@ -700,8 +700,8 @@ void ShSKlient::thread()
                 if( klientNummer )
                 {
                     klient->sendeEncrypted( "\1", 1 );
-                    char len = 0;
-                    klient->getNachrichtEncrypted( &len, 1 );
+                    unsigned char len = 0;
+                    klient->getNachrichtEncrypted( (char*)&len, 1 );
                     char *suche = new char[ len + 1 ];
                     suche[ (int)len ] = 0;
                     if( len )
@@ -935,8 +935,8 @@ void ShSKlient::thread()
                     klient->sendeEncrypted( "\1", 1 );
                     int spielId = 0;
                     klient->getNachrichtEncrypted( (char*)&spielId, 4 );
-                    char len = 0;
-                    klient->getNachrichtEncrypted( &len, 1 );
+                    unsigned char len = 0;
+                    klient->getNachrichtEncrypted( (char*)&len, 1 );
                     char *suche = new char[ len + 1 ];
                     suche[ (int)len ] = 0;
                     if( len )

+ 4 - 4
ShopServer/Updater.cpp

@@ -69,8 +69,8 @@ void Updater::thread()
                     k->getNachrichtEncrypted( (char*)&anz, 4 );
                     for( int i = 0; i < anz && !beenden; i++ )
                     {
-                        char len = 0;
-                        k->getNachrichtEncrypted( &len, 1 );
+                        unsigned char len = 0;
+                        k->getNachrichtEncrypted( (char*)&len, 1 );
                         if( !len )
                             continue;
                         char *pfa = new char[ len + 1 ];
@@ -113,8 +113,8 @@ void Updater::thread()
             }
             if( ret == 3 )
             {
-                char byte = 0;
-                k->getNachrichtEncrypted( &byte, 1 );
+                unsigned char byte = 0;
+                k->getNachrichtEncrypted( (char*)&byte, 1 );
                 char *f = new char[ byte + 1 ];
                 f[ (int)byte ] = 0;
                 k->getNachrichtEncrypted( f, byte );