From 40ea6e9dad0ab039460dbec7305c6c88ae5221ab Mon Sep 17 00:00:00 2001
From: badaix <snapcast@badaix.de>
Date: Tue, 19 Apr 2016 07:48:45 +0200
Subject: [PATCH] close connection if message size exceeds 1meg

---
 message/message.h        | 2 ++
 server/streamSession.cpp | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/message/message.h b/message/message.h
index 1a06cbcb..b85c311b 100644
--- a/message/message.h
+++ b/message/message.h
@@ -105,6 +105,8 @@ struct tv
 namespace msg
 {
 
+const size_t max_size = 1000000; 
+
 struct BaseMessage
 {
 	BaseMessage() : type(kBase), id(0), refersTo(0)
diff --git a/server/streamSession.cpp b/server/streamSession.cpp
index a0282ca1..ddde9947 100644
--- a/server/streamSession.cpp
+++ b/server/streamSession.cpp
@@ -157,6 +157,12 @@ void StreamSession::getNextMessage()
 	vector<char> buffer(baseMsgSize);
 	socketRead(&buffer[0], baseMsgSize);
 	baseMessage.deserialize(&buffer[0]);
+	if (baseMessage.size > msg::max_size)
+	{
+		logS(kLogErr) << "received message of type " << baseMessage.type << " to large: " << baseMessage.size << "\n";
+		stop();
+		return;
+	}
 //	logO << "getNextMessage: " << baseMessage.type << ", size: " << baseMessage.size << ", id: " << baseMessage.id << ", refers: " << baseMessage.refersTo << "\n";
 	if (baseMessage.size > buffer.size())
 		buffer.resize(baseMessage.size);