RomanRom2/whoa
1
0
Fork 0
mirror of https://github.com/whoahq/whoa.git synced 2026-02-01 08:12:44 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore(net): annotate read checks in CmdAuthLogonChallenge

Browse Source
This commit is contained in:
fallenoak 2025-09-23 21:20:43 -07:00
parent 7e43643de8
commit a828a962a1
No known key found for this signature in database
GPG Key ID: 7628F8E61AEA070D
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/net/grunt/ClientLink.cpp
View File

@ -47,6 +47,7 @@ void Grunt::ClientLink::Call() {
} }
int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) { int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
// sizeof(protocol) + sizeof(result)
if (!CanRead(msg, 2)) { if (!CanRead(msg, 2)) {
return 0; return 0;
} }
@ -78,6 +79,7 @@ int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
return 2; return 2;
} }
// sizeof(serverPublicKey) + sizeof(generatorLen)
if (!CanRead(msg, 33)) { if (!CanRead(msg, 33)) {
return 0; return 0;
} }
@ -88,6 +90,7 @@ int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
uint8_t generatorLen; uint8_t generatorLen;
msg.Get(generatorLen); msg.Get(generatorLen);
// generatorLen + sizeof(largeSafePrimeLen)
if (!CanRead(msg, generatorLen + 1)) { if (!CanRead(msg, generatorLen + 1)) {
return 0; return 0;
} }
@ -98,6 +101,7 @@ int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
uint8_t largeSafePrimeLen; uint8_t largeSafePrimeLen;
msg.Get(largeSafePrimeLen); msg.Get(largeSafePrimeLen);
// largeSafePrimeLen + sizeof(salt) + sizeof(versionChallenge)
if (!CanRead(msg, largeSafePrimeLen + 48)) { if (!CanRead(msg, largeSafePrimeLen + 48)) {
return 0; return 0;
} }
@ -111,6 +115,7 @@ int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
uint8_t* versionChallenge; uint8_t* versionChallenge;
msg.GetDataInSitu(reinterpret_cast<void*&>(versionChallenge), 16); msg.GetDataInSitu(reinterpret_cast<void*&>(versionChallenge), 16);
// sizeof(logonFlags)
if (!CanRead(msg, 1)) { if (!CanRead(msg, 1)) {
return 0; return 0;
} }
@ -131,6 +136,7 @@ int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
// PIN // PIN
if (logonFlags & 0x1) { if (logonFlags & 0x1) {
// sizeof(pinGridSeed) + sizeof(pinSalt)
if (!CanRead(msg, 20)) { if (!CanRead(msg, 20)) {
return 0; return 0;
} }
@ -161,6 +167,7 @@ int32_t Grunt::ClientLink::CmdAuthLogonChallenge(CDataStore& msg) {
// TOKEN (authenticator) // TOKEN (authenticator)
if (logonFlags & 0x4) { if (logonFlags & 0x4) {
// sizeof(tokenRequired)
if (!CanRead(msg, 1)) { if (!CanRead(msg, 1)) {
return 0; return 0;
} }