From b89eddc8676acb6588be2cb739d07d3948b277f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=CE=B6eh=20Matt?= <5415177+ZehMatt@users.noreply.github.com>
Date: Tue, 28 Dec 2021 16:36:13 +0200
Subject: [PATCH] Fix #16327: Crash supplying a bad signature size in the auth
 packet

---
 src/openrct2/network/NetworkBase.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/openrct2/network/NetworkBase.cpp b/src/openrct2/network/NetworkBase.cpp
index 6360e73aee..2e75cfa47a 100644
--- a/src/openrct2/network/NetworkBase.cpp
+++ b/src/openrct2/network/NetworkBase.cpp
@@ -2559,6 +2559,15 @@ void NetworkBase::Server_Handle_AUTH(NetworkConnection& connection, NetworkPacke
         {
             try
             {
+                // RSA technically supports keys up to 65536 bits, so this is the
+                // maximum signature size for now.
+                constexpr auto MaxRSASignatureSizeInBytes = 8192;
+
+                if (sigsize == 0 || sigsize > MaxRSASignatureSizeInBytes)
+                {
+                    throw std::runtime_error("Invalid signature size");
+                }
+
                 std::vector<uint8_t> signature;
                 signature.resize(sigsize);