<div>More than that...<br></div><div>The server must be able to handle all kinds of requests, not only the ones coming from any version of the client, but everything any script kiddie is able to throw at it: </div><div><br></div>
<div>This is valid for any input expecting XML (or JSON) coming from files or the network.</div><div><br></div><div>The server does not crash now with the following attacks:</div><div>XML following the game schema</div><div>simple XML not following the game schema</div>
<div>Non-XML data only</div><div>simple valid XML and simple invalid XML</div><div><br></div><div>And, do not forget these:</div><div>XML with gigantic node names (a tag name of 1.000.000 'a' will cause the server to allocate 1Gb of memory?)</div>
<div>XML with gigantic values (a value of 1.000.000 'a' will cause the server to allocate 1Gb of memory?)</div><div>XML with gigantic node hierarchy (a tag inside a tag 1.000.000 times will cause the server to allocate >1Gb of memory?) </div>
<div><br>To avoid the last 3, I propose this simple patch: (I'll use review-board, but will lose this thread)<br><br>diff --git a/src/protocol.cpp b/src/protocol.cpp<br>index 791179b..c5cbacc 100644<br>--- a/src/protocol.cpp<br>
+++ b/src/protocol.cpp<br>@@ -124,7 +124,7 @@ Protocol::Protocol(QIODevice* device)<br> <br> void Protocol::readMore()<br> {<br>- QByteArray data = m_device->readAll();<br>+ QByteArray data = m_device->read(4096);<br>
m_buffer += QString::fromUtf8(data.constData());<br> <br> int pos;<br><br><br><br>And attached is a simple compressed xml file that I've used to test it:<br>cat b.xml | nc localhost 54321 (nc is netcat, used to send the file to a listening knavalbattle)<br>
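Review bot: the `read(4096)` in this hunk bounds only one readMore() call; the unchanged context line right after it still does `m_buffer += QString::fromUtf8(data.constData())`, so a peer that keeps sending grows m_buffer without limit and the 9000-'b' name is merely deferred, not refused. Pair the bounded read with a cap on m_buffer.size() and drop the connection when it is exceeded. Two smaller points: if readMore() is driven by the QIODevice's readyRead signal, leaving unread bytes in the device means the remainder of a legitimate message longer than 4096 bytes waits for the next signal, so readMore() should loop while bytesAvailable() or re-schedule itself; and a cut at byte 4096 can split a multi-byte UTF-8 sequence, which QString::fromUtf8 on that chunk then mangles, so decoding should happen on the accumulated bytes rather than per chunk.<br>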
<br><br>It will create an opponent name of 9000 b; with the patch, that name is not processed, and it is not allocating a string of length 9000. You are free to try to create/use a file with more 'b's. My vi karma and konsole do not allow me to (in a smooth way).<br>
<br><br></div>
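<div>As an added illustration of the three limits listed above (gigantic tag names, gigantic values, gigantic nesting), here is a streaming guard that enforces them on each chunk as it arrives, before anything is buffered whole. This is example code written for this note, not part of knavalbattle; the limit values and the XmlLimits/XmlGuard/acceptsInChunks names are assumptions.</div>

```cpp
#include <cstddef>
#include <string>
#include <string_view>
// Hypothetical limits, picked for illustration; tune them to the game's real schema.
struct XmlLimits { std::size_t maxNameLen = 256, maxTextLen = 65536, maxDepth = 64; };

// Byte-at-a-time guard for the chunks a bounded read() delivers. Not a parser
// (quoted '>' inside attributes is not special-cased): it only measures tag-name
// length, text/attribute length and nesting depth, so an oversized document is
// rejected while it is still arriving instead of after it has been buffered whole.
class XmlGuard {
public:
    explicit XmlGuard(XmlLimits l = {}) : limits(l) {}
    // Feed the next chunk; returns false once any limit is exceeded (and stays false).
    bool feed(std::string_view chunk) {
        for (char c : chunk) {
            if (rejected) break;
            if (!inTag) {                                   // character data
                if (c == '<') { inTag = inName = true; kind = prev = 0; run = 0; }
                else if (++run > limits.maxTextLen) rejected = true;
            } else if (c == '>') {                          // end of tag
                if (kind == '/') { if (depth) --depth; }   // </a>
                else if (kind == 0 && prev != '/' && ++depth > limits.maxDepth)
                    rejected = true;                        // <a>, but not <a/> <?..?> <!..>
                inTag = false; run = 0;
            } else {
                if (inName && run == 0 && (c == '/' || c == '?' || c == '!')) kind = c;
                else if (inName && (c == ' ' || c == '/' || c == '\n' || c == '\r' || c == '\t')) { inName = false; run = 0; }
                else if (++run > (inName ? limits.maxNameLen : limits.maxTextLen)) rejected = true;
                prev = c;
            }
        }
        return !rejected;
    }
    std::size_t depthNow() const { return depth; }
private:
    XmlLimits limits;
    bool inTag = false, inName = false, rejected = false;
    char kind = 0, prev = 0;
    std::size_t run = 0, depth = 0;
};

std::string repeat(std::string_view s, std::size_t n) { std::string out; while (n--) out += s; return out; }
// Feed a whole document in fixed-size pieces (chunk > 0), as readMore() would see it.
bool acceptsInChunks(std::string_view doc, std::size_t chunk, XmlLimits l = {}) {
    XmlGuard g(l);
    for (std::size_t i = 0; i < doc.size(); i += chunk)
        if (!g.feed(doc.substr(i, chunk))) return false;
    return g.depthNow() == 0;   // well-formed input closes every element it opened
}
```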
<div class="gmail_extra"><br><br><div class="gmail_quote">2012/12/9 Wolfgang Rohdewald <span dir="ltr"><<a href="mailto:wolfgang@rohdewald.de" target="_blank">wolfgang@rohdewald.de</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On Sunday 09 December 2012 18:42:45 Albert Astals Cid wrote:<br>
> > Albert Astals Cid wrote:<br>
> > Actually maybe it would make more sense not emitting a null message from the protocol.cpp file instead of protecting from a null message in the networkentity.cpp slot? Anyway, either of the two solutions works; commit the one you prefer.<br>
<br>
</div>Client and server might not be updated at the same time.<br>
So if you do both changes, updating either client or server would be sufficient.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Wolfgang<br>
</font></span></blockquote></div><br></div>