From 3cb75d85693a25553b5cf3b5de2f3de7985cd7b9 Mon Sep 17 00:00:00 2001
From: GitHub Actions <github-actions[bot]@users.noreply.github.com>
Date: Wed, 25 Sep 2024 21:28:21 +0000
Subject: [PATCH] fix: remove uses of insecure "reinterpret_cast"

---
 src/server/network/message/networkmessage.cpp | 9 +++++----
 src/server/network/message/networkmessage.hpp | 3 ++-
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/server/network/message/networkmessage.cpp b/src/server/network/message/networkmessage.cpp
index c8f51096fa8..d713a416814 100644
--- a/src/server/network/message/networkmessage.cpp
+++ b/src/server/network/message/networkmessage.cpp
@@ -24,18 +24,19 @@ std::string NetworkMessage::getString(uint16_t stringLen /* = 0*/) {
 	}
 
 	if (!canRead(stringLen)) {
-		g_logger().error("Not enough data to read string of length: {}", stringLen);
+		g_logger().error("[{}] not enough data to read string of length: {}", __METHOD_NAME__, stringLen);
 		return {};
 	}
 
 	if (stringLen > NETWORKMESSAGE_MAXSIZE) {
-		g_logger().error("[NetworkMessage::addString] - Exceded NetworkMessage max size: {}, actually size: {}", NETWORKMESSAGE_MAXSIZE, stringLen);
+		g_logger().error("[{}] exceded NetworkMessage max size: {}, actually size: {}", __METHOD_NAME__, NETWORKMESSAGE_MAXSIZE, stringLen);
 		return {};
 	}
 
-	const char* v = reinterpret_cast<const char*>(buffer.data() + info.position);
+	// Copy the string from the buffer
+	std::string result(buffer.begin() + info.position, buffer.begin() + info.position + stringLen);
 	info.position += stringLen;
-	return std::string(v, stringLen);
+	return result;
 }
 
 Position NetworkMessage::getPosition() {
diff --git a/src/server/network/message/networkmessage.hpp b/src/server/network/message/networkmessage.hpp
index ad82c3abcb6..b6c7070259b 100644
--- a/src/server/network/message/networkmessage.hpp
+++ b/src/server/network/message/networkmessage.hpp
@@ -27,7 +27,8 @@ class NetworkMessage {
 	// 2 bytes for encrypted message size
 	static constexpr MsgSize_t INITIAL_BUFFER_POSITION = 8;
 
-	NetworkMessage() : buffer(NETWORKMESSAGE_MAXSIZE, 0) {}
+	NetworkMessage() :
+		buffer(NETWORKMESSAGE_MAXSIZE, 0) { }
 
 	void reset() {
 		info = {};