From d6a4b7f0ba65daa0ab8081543c92e0ff5f5f869f Mon Sep 17 00:00:00 2001
From: Detanup01 <91248446+Detanup01@users.noreply.github.com>
Date: Mon, 29 Apr 2024 20:51:54 +0200
Subject: [PATCH] no more copy if the size is bigger than the ticket

---
 dll/auth.cpp         | 7 ++++---
 dll/dll/steam_user.h | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/dll/auth.cpp b/dll/auth.cpp
index dd806294..f70456ee 100644
--- a/dll/auth.cpp
+++ b/dll/auth.cpp
@@ -81,7 +81,7 @@ Auth_Data Auth_Manager::getTicketData( void *pTicket, int cbMaxTicket, uint32 *p
 
 #define IP4_AS_DWORD_LITTLE_ENDIAN(a,b,c,d) (((uint32_t)d)<<24 | ((uint32_t)c)<<16 | ((uint32_t)b)<<8 | (uint32_t)a)
 
-    Auth_Data ticket_data;
+    Auth_Data ticket_data{};
     CSteamID steam_id = settings->get_local_steam_id();
     if (settings->enable_new_app_ticket)
     {
@@ -127,7 +127,8 @@ Auth_Data Auth_Manager::getTicketData( void *pTicket, int cbMaxTicket, uint32 *p
         }
         std::vector<uint8_t> ser = ticket_data.Serialize();
         *pcbTicket = ser.size();
-        memcpy(pTicket, ser.data(), ser.size());
+        if (cbMaxTicket >= ser.size())
+            memcpy(pTicket, ser.data(), ser.size());
     }
     else
     {
@@ -189,7 +190,7 @@ uint32 Auth_Manager::getWebApiTicket( const char* pchIdentity )
     GetTicketForWebApiResponse_t data{};
     uint32 cbTicket = 0;
     Auth_Data ticket_data = getTicketData(data.m_rgubTicket, STEAM_AUTH_TICKET_SIZE, &cbTicket);
-    if (*cbTicket > STEAM_AUTH_TICKET_SIZE)
+    if (cbTicket > STEAM_AUTH_TICKET_SIZE)
         return 0;
     data.m_cubTicket = (int)cbTicket;
     uint32 ttt = ticket_data.number;
diff --git a/dll/dll/steam_user.h b/dll/dll/steam_user.h
index 4ccdc4a6..d398ec39 100644
--- a/dll/dll/steam_user.h
+++ b/dll/dll/steam_user.h
@@ -118,7 +118,7 @@ int InitiateGameConnection( void *pAuthBlob, int cbMaxAuthBlob, CSteamID steamID
     if (!pAuthBlob) return 0;
     uint32 out_size = INITIATE_GAME_CONNECTION_TICKET_SIZE;
     auth_manager->getTicketData(pAuthBlob, INITIATE_GAME_CONNECTION_TICKET_SIZE, &out_size);
-    if (*out_size > INITIATE_GAME_CONNECTION_TICKET_SIZE)
+    if (out_size > INITIATE_GAME_CONNECTION_TICKET_SIZE)
         return 0;
     return out_size;
 }