fix(channelserver): add max-size guards to binary blob save handlers

A malicious or buggy client could send arbitrarily large payloads that get written directly to PostgreSQL, wasting disk and memory. Each save handler now rejects payloads exceeding a generous upper bound derived from the known data format sizes. Covers all remaining items from #158: partner, hunternavi, savemercenary, scenariodata, platedata, platebox, platemyset, rengokudata, mezfes, savefavoritequest, house_furniture, mission. Closes #158
2026-03-22 07:32:32 +01:00 · 2026-02-19 00:28:28 +01:00
parent 604d53d6d7
commit c2eba51b29
7 changed files with 57 additions and 2 deletions
--- a/server/channelserver/handlers_data.go
+++ b/server/channelserver/handlers_data.go
@@ -183,6 +183,11 @@ func handleMsgMhfLoaddata(s *Session, p mhfpacket.MHFPacket) {

 func handleMsgMhfSaveScenarioData(s *Session, p mhfpacket.MHFPacket) {
 	pkt := p.(*mhfpacket.MsgMhfSaveScenarioData)
+	if len(pkt.RawDataPayload) > 65536 {
+		s.logger.Warn("Scenario payload too large", zap.Int("len", len(pkt.RawDataPayload)))
+		doAckSimpleFail(s, pkt.AckHandle, make([]byte, 4))
+		return
+	}
 	dumpSaveData(s, pkt.RawDataPayload, "scenario")
 	_, err := s.server.db.Exec("UPDATE characters SET scenariodata = $1 WHERE id = $2", pkt.RawDataPayload, s.charID)
 	if err != nil {