fix(channelserver): add max-size guards to binary blob save handlers

A malicious or buggy client could send arbitrarily large payloads
that get written directly to PostgreSQL, wasting disk and memory.
Each save handler now rejects payloads exceeding a generous upper
bound derived from the known data format sizes.

Covers all remaining items from #158: partner, hunternavi,
savemercenary, scenariodata, platedata, platebox, platemyset,
rengokudata, mezfes, savefavoritequest, house_furniture, mission.

Closes #158
Houmgaor
2026-02-19 00:28:28 +01:00
parent 604d53d6d7
commit c2eba51b29
7 changed files with 57 additions and 2 deletions


@@ -41,6 +41,11 @@ FROM warehouse
func handleMsgMhfUpdateInterior(s *Session, p mhfpacket.MHFPacket) {
pkt := p.(*mhfpacket.MsgMhfUpdateInterior)
if len(pkt.InteriorData) > 64 {
s.logger.Warn("Interior payload too large", zap.Int("len", len(pkt.InteriorData)))
doAckSimpleSucceed(s, pkt.AckHandle, make([]byte, 4))
return
}
if _, err := s.server.db.Exec(`UPDATE user_binary SET house_furniture=$1 WHERE id=$2`, pkt.InteriorData, s.charID); err != nil {
s.logger.Error("Failed to update house furniture", zap.Error(err))
}
@@ -253,6 +258,11 @@ func handleMsgMhfGetMyhouseInfo(s *Session, p mhfpacket.MHFPacket) {
func handleMsgMhfUpdateMyhouseInfo(s *Session, p mhfpacket.MHFPacket) {
pkt := p.(*mhfpacket.MsgMhfUpdateMyhouseInfo)
if len(pkt.Data) > 512 {
s.logger.Warn("MyhouseInfo payload too large", zap.Int("len", len(pkt.Data)))
doAckSimpleSucceed(s, pkt.AckHandle, make([]byte, 4))
return
}
if _, err := s.server.db.Exec("UPDATE user_binary SET mission=$1 WHERE id=$2", pkt.Data, s.charID); err != nil {
s.logger.Error("Failed to update myhouse mission", zap.Error(err))
}
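Review bot: Both new oversize branches (`len(pkt.InteriorData) > 64` in handleMsgMhfUpdateInterior and `len(pkt.Data) > 512` in handleMsgMhfUpdateMyhouseInfo) reply with `doAckSimpleSucceed`, so the client is told the save worked although nothing was written. If the protocol tolerates it, a failure ack would be more honest; if the success ack is deliberate to keep the client from stalling, say so in a comment such as `// ack success so the client does not hang; the oversized payload is dropped`. The Warn lines record only the length, which makes repeated oversized packets hard to attribute, so add the character as a field, e.g. `zap.Uint32("charID", s.charID)` (assuming charID is a uint32). The bare limits 64 and 512 would also read better as named constants with a comment saying which data format size each is derived from, as the commit message describes. Both function bodies continue outside the visible hunks.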