From 4a8378427af33894e0b3755731a5487fab01e0ca Mon Sep 17 00:00:00 2001
From: wadyankaw <wadymaw@icloud.com>
Date: Sun, 28 Dec 2025 02:24:08 +0300
Subject: [PATCH] Add message length validation for chat messages

Right now server only checks if chat message is empty but doesnt check the max length. Client limits to 500 chars but if someone modifies the client they can send huge messages.
I added a check on server side to reject messages longer than 500 characters, same as client limit.
I used translator because I don't know English well
---
 src/TServer.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/TServer.cpp b/src/TServer.cpp
index ae16c1c..b064e87 100644
--- a/src/TServer.cpp
+++ b/src/TServer.cpp
@@ -256,6 +256,10 @@ void TServer::GlobalParser(const std::weak_ptr<TClient>& Client, std::vector<uin
             beammp_debugf("Empty chat message received from '{}' ({}), ignoring it", LockedClient->GetName(), LockedClient->GetID());
             return;
         }
+        if (Message.size() > 500) {
+           beammp_debugf("Chat message too long from '{}' ({}), ignoring it", LockedClient->GetName(), LockedClient->GetID());
+           return;
+        }
         auto Futures = LuaAPI::MP::Engine->TriggerEvent("onChatMessage", "", LockedClient->GetID(), LockedClient->GetName(), Message);
         TLuaEngine::WaitForAll(Futures);
         LogChatMessage(LockedClient->GetName(), LockedClient->GetID(), PacketAsString.substr(PacketAsString.find(':', 3) + 1));