From f0c87341ab0dae51027993c857d922f162b7735b Mon Sep 17 00:00:00 2001
From: Lion Kortlepel <development@kortlepel.com>
Date: Thu, 5 Nov 2020 23:57:07 +0100
Subject: [PATCH] implement size header for auth

---
 src/Network/Auth.cpp | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/src/Network/Auth.cpp b/src/Network/Auth.cpp
index 601ac59..9776fbd 100644
--- a/src/Network/Auth.cpp
+++ b/src/Network/Auth.cpp
@@ -9,6 +9,7 @@
 #include <sstream>
 #include <thread>
 #include <cstring>
+#include <algorithm>
 #include "UnixCompat.h"
 
 
@@ -30,10 +31,22 @@ bool Send(SOCKET TCPSock,std::string Data){
     return true;
 }
 std::string Rcv(SOCKET TCPSock){
-    char buf[6768];
-    size_t len = 6768;
-    ZeroMemory(buf, len);
-    int64_t BytesRcv = recv(TCPSock, buf, len,0);
+    uint32_t RealSize;
+    int64_t BytesRcv = recv(TCPSock, &RealSize, sizeof(RealSize), 0);
+    if (BytesRcv != sizeof(RealSize)) {
+        error(Sec("invalid packet (1)"));
+        return "";
+    }
+    // RealSize is big-endian, so we convert it to host endianness
+    RealSize = ntohl(RealSize);
+    if (RealSize > 7000) {
+        error(Sec("Larger than allowed TCP packet received"));
+        return "";
+    }
+    RealSize = std::min<uint32_t>(RealSize, 7000);
+    char buf[7000];
+    std::fill_n(buf, sizeof(buf), 0);
+    BytesRcv = recv(TCPSock, buf, RealSize, 0);
     if (BytesRcv <= 0)return "";
     return std::string(buf);
 }