From fad378c3bb4f6d5022c042d0836c51cfb7a0bfc1 Mon Sep 17 00:00:00 2001
From: MysterD <myster@d>
Date: Mon, 10 Apr 2023 17:45:43 -0700
Subject: [PATCH] Possible crash fix for network_receive_download()

---
 src/pc/network/packets/packet_download.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/pc/network/packets/packet_download.c b/src/pc/network/packets/packet_download.c
index 03cdef9f..81bdffe2 100644
--- a/src/pc/network/packets/packet_download.c
+++ b/src/pc/network/packets/packet_download.c
@@ -348,9 +348,13 @@ void network_receive_download(struct Packet* p) {
     // read the chunk
     u64 receiveOffset     = 0;
     u64 chunkLength       = 0;
-    u8  chunk[CHUNK_SIZE] = { 0 };
+    u8  chunk[CHUNK_SIZE+1] = { 0 };
     packet_read(p, &receiveOffset, sizeof(u64));
     packet_read(p, &chunkLength,   sizeof(u64));
+    if (chunkLength > CHUNK_SIZE) {
+        LOG_ERROR("Received improper chunk length");
+        return;
+    }
     packet_read(p, &chunk,         sizeof(u8) * chunkLength);
 
     // mark the offset group as received
@@ -384,6 +388,10 @@ after_group:;
     u64 fileStartOffset = 0;
     for (u64 modIndex = 0; modIndex < gRemoteMods.entryCount; modIndex++) {
         struct Mod* mod = gRemoteMods.entries[modIndex];
+        if (!mod) {
+            LOG_ERROR("Null mod");
+            continue;
+        }
 
         // skip past mods to get to the right offset
         if ((fileStartOffset + mod->size) < receiveOffset) {
@@ -391,6 +399,11 @@ after_group:;
             continue;
         }
 
+        if (mod->fileCount > 0 && !mod->files) {
+            LOG_ERROR("Null mod files");
+            continue;
+        }
+
         for (u64 fileIndex = 0; fileIndex < mod->fileCount; fileIndex++) {
             struct ModFile* modFile = &mod->files[fileIndex];