From 2f69b512800a08bc2443452060a193b532709c3f Mon Sep 17 00:00:00 2001
From: MangosArentLiterature
 <58055358+MangosArentLiterature@users.noreply.github.com>
Date: Tue, 20 Apr 2021 11:51:22 -0500
Subject: [PATCH] Limit the amount of data the server will read

Set a hard limit on 30KB that the server is willing to read, over two sequential reads. If the client sends more than 30KB combined, the server will disconnect the client.
---
 include/aoclient.h | 5 +++++
 src/aoclient.cpp   | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/include/aoclient.h b/include/aoclient.h
index 71ddf6f..1c2f799 100644
--- a/include/aoclient.h
+++ b/include/aoclient.h
@@ -2049,6 +2049,11 @@ class AOClient : public QObject {
      * @param incoming_message QString to be decoded.
      */
     QString decodeMessage(QString incoming_message);
+
+    /**
+     * @brief The size, in bytes, of the last data the client sent to the server.
+     */
+    int last_read;
 };
 
 #endif // AOCLIENT_H
diff --git a/src/aoclient.cpp b/src/aoclient.cpp
index 459bff5..1fc9c92 100644
--- a/src/aoclient.cpp
+++ b/src/aoclient.cpp
@@ -19,7 +19,12 @@
 
 void AOClient::clientData()
 {
+    if (last_read + socket->bytesAvailable() > 30720) { // Client can send a max of 30KB to the server over two sequential reads
+        socket->close();
+    }
+
     QString data = QString::fromUtf8(socket->readAll());
+    last_read = data.size();
 
     if (is_partial) {
         data = partial_packet + data;