bool TableSerializer::DeserializeTable(unsigned char *serializedTable, unsigned int tableLength, DataStructures::Table *out) { RakNet::BitStream in((unsigned char*) serializedTable, tableLength, false); unsigned columnSize; unsigned char columnType; unsigned rowSize; char columnName[_TABLE_MAX_COLUMN_NAME_LENGTH]; if (in.Read(columnSize)==false || columnSize > 10000) return false; // Hacker crash prevention out->Clear(); unsigned i; for (i=0; i<columnSize; i++) { stringCompressor->DecodeString(columnName, 32, &in); in.Read(columnType); out->AddColumn(columnName, (DataStructures::Table::ColumnType)columnType); } if (in.Read(rowSize)==false || rowSize>100000) return false; // Hacker crash prevention unsigned rowIndex; for (rowIndex=0; rowIndex < rowSize; rowIndex++) { if (DeserializeRow(&in, out)==false) return false; } return true; }
bool TableSerializer::DeserializeTable(RakNet::BitStream *in, DataStructures::Table *out) { unsigned rowSize; DeserializeColumns(in,out); if (in->Read(rowSize)==false || rowSize>100000) return false; // Hacker crash prevention unsigned rowIndex; for (rowIndex=0; rowIndex < rowSize; rowIndex++) { if (DeserializeRow(in, out)==false) return false; } return true; }