R5Reloaded/r5sdk
1
0
Fork 0
mirror of https://github.com/Mauler125/r5sdk.git synced 2025-02-09 19:15:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug in CNetChan::FlowNewPacket()

Browse Source 
Loop runs for 'CNetChan::m_nOutSequenceNr' frames, with no bounds. A corrupt or invalid packet will hang the engine for several seconds.
This commit is contained in:
Amos 2023-08-18 13:06:00 +02:00
parent 4f2a9601b4
commit 2caccf6c91
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
r5dev/engine/net_chan.cpp
View File

@ -137,8 +137,13 @@ void CNetChan::_FlowNewPacket(CNetChan* pChan, int flow, int outSeqNr, int inSeq
v22 = v19;
time = (float)*g_pNetTime;
v16 += 4 * v19;
int numPacketFrames = 0;
do
{
++numPacketFrames;
v24 = (v20 - 2) & NET_FRAMES_MASK;
v25 = v24;
pFlow->frame_headers[v25].time = time;
@ -206,7 +211,7 @@ void CNetChan::_FlowNewPacket(CNetChan* pChan, int flow, int outSeqNr, int inSeq
v21 -= 4;
v20 += 4;
--v22;
} while (v22);
} while (v22 && numPacketFrames < NET_FRAMES_BACKUP);
v12 = outSeqNr;
v8 = flow;
v9 = inSeqNr;