From 1ba1ccfe82a4ae7547c63346fa02f743e77fd038 Mon Sep 17 00:00:00 2001 From: Denis Drakhnia Date: Wed, 17 Jan 2024 18:21:15 +0200 Subject: [PATCH] protocol: do not validate utf8 for wrong version response --- protocol/src/server.rs | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/protocol/src/server.rs b/protocol/src/server.rs index f056117..41a2c02 100644 --- a/protocol/src/server.rs +++ b/protocol/src/server.rs @@ -469,13 +469,17 @@ where cur.expect(GetServerInfoResponse::HEADER)?; if !cur.as_slice().starts_with(b"\\") { - let s = cur.get_str(cur.remaining())?; - let p = s.rfind(':').ok_or(Error::InvalidPacket)?; - let msg = &s[p + 1..]; - match msg.trim() { - "wrong version" => return Err(Error::InvalidProtocolVersion), - _ => return Err(Error::InvalidPacket), - } + let s = cur.get_bytes(cur.remaining())?; + let p = s + .iter() + .rev() + .position(|c| *c == b':') + .ok_or(Error::InvalidPacket)?; + let msg = &s[s.len() - p..]; + return match msg { + b" wrong version\n" => Err(Error::InvalidProtocolVersion), + _ => Err(Error::InvalidPacket), + }; } let mut ret = Self::default(); @@ -645,6 +649,15 @@ mod tests { ); } + #[test] + fn get_server_info_response_wrong_version() { + let s = b"\xff\xff\xff\xffinfo\nfoobar: wrong version\n"; + assert_eq!(Packet::decode(s), Err(Error::InvalidProtocolVersion)); + + let s = b"\xff\xff\xff\xffinfo\nfoobar\xff: wrong version\n"; + assert_eq!(Packet::decode(s), Err(Error::InvalidProtocolVersion)); + } + #[test] fn server_add_bots_is_a_number() { let s = b"0\n\\protocol\\48\\challenge\\4161802725\\players\\0\\max\\32\\bots\\3\\gamedir\\valve\\map\\rats_bathroom\\type\\d\\password\\0\\os\\l\\secure\\0\\lan\\0\\version\\0.19.4\\region\\255\\product\\valve\\nat\\0";