diff options
author | smatz <smatz@openttd.org> | 2010-04-11 22:06:17 +0000 |
---|---|---|
committer | smatz <smatz@openttd.org> | 2010-04-11 22:06:17 +0000 |
commit | 24a60b77ece2fabd866d0a6f4e3ecda3f2d52ea2 (patch) | |
tree | 48fbe465b371fde961186f617683e6cdcfd605ad /src | |
parent | 7590651aeae35f804af90537e276b6e1d07a8d44 (diff) | |
download | openttd-24a60b77ece2fabd866d0a6f4e3ecda3f2d52ea2.tar.xz |
(svn r19613) -Fix [FS#3755]: possible invalid read when server moves client to spectators before he finishes joining
Diffstat (limited to 'src')
-rw-r--r-- | src/network/network_server.cpp | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/network/network_server.cpp b/src/network/network_server.cpp index 4eb180244..a3cd53954 100644 --- a/src/network/network_server.cpp +++ b/src/network/network_server.cpp @@ -779,10 +779,12 @@ DEF_SERVER_RECEIVE_COMMAND(PACKET_CLIENT_COMPANY_PASSWORD) char password[NETWORK_PASSWORD_LENGTH]; p->Recv_string(password, sizeof(password)); - /* Check company password. Allow joining if we cleared the password meanwhile */ - const NetworkClientInfo *ci = cs->GetInfo(); - if (!StrEmpty(_network_company_states[ci->client_playas].password) && - strcmp(password, _network_company_states[ci->client_playas].password) != 0) { + /* Check company password. Allow joining if we cleared the password meanwhile. + * Also, check the company is still valid - client could be moved to spectators + * in the middle of the authorization process */ + CompanyID playas = cs->GetInfo()->client_playas; + if (Company::IsValidID(playas) && !StrEmpty(_network_company_states[playas].password) && + strcmp(password, _network_company_states[playas].password) != 0) { /* Password is invalid */ return SEND_COMMAND(PACKET_SERVER_ERROR)(cs, NETWORK_ERROR_WRONG_PASSWORD); } |