Don't serialize StaticObjectList with > 65535 objects

Because the count is serialized as u16, this would cause overflow.

If minetest later deserialized a mapblock with an incorrect
static object count, it would be unable to find the NameIdMapping
(which comes after the StaticObjectList) and abort with an error
such as "Invalid block data in database: unsupported NameIdMapping
version" (issue #2610).
This commit is contained in:
Kahrl 2015-09-29 01:55:12 +02:00
parent ffe291cb78
commit 0cde03254a

View File

@ -19,6 +19,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
#include "staticobject.h" #include "staticobject.h"
#include "util/serialize.h" #include "util/serialize.h"
#include "log.h"
void StaticObject::serialize(std::ostream &os) void StaticObject::serialize(std::ostream &os)
{ {
@ -44,9 +45,20 @@ void StaticObjectList::serialize(std::ostream &os)
// version // version
u8 version = 0; u8 version = 0;
writeU8(os, version); writeU8(os, version);
// count // count
u16 count = m_stored.size() + m_active.size(); size_t count = m_stored.size() + m_active.size();
// Make sure it fits into u16, else it would get truncated and cause e.g.
// issue #2610 (Invalid block data in database: unsupported NameIdMapping version).
if (count > (u16)-1) {
errorstream << "StaticObjectList::serialize(): "
<< "too many objects (" << count << ") in list, "
<< "not writing them to disk." << std::endl;
writeU16(os, 0); // count = 0
return;
}
writeU16(os, count); writeU16(os, count);
for(std::vector<StaticObject>::iterator for(std::vector<StaticObject>::iterator
i = m_stored.begin(); i = m_stored.begin();
i != m_stored.end(); ++i) { i != m_stored.end(); ++i) {