From a73e71510ac8a022b99725dae3e97cb26a30edd6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20M=C3=BCller?= <34514239+appgurueu@users.noreply.github.com>
Date: Tue, 4 Feb 2025 12:19:00 +0100
Subject: [PATCH] Clamp client-sent movement speed control (#15721)

Results in the `movement_x` and `movement_y` fields of `player:get_player_control()` being safe to use (otherwise users would need to compute the length as `(x^2 + y^2)^0.5` and clamp that to 1 themselves).
---
 src/network/serverpackethandler.cpp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp
index 86c18725f..4e2998101 100644
--- a/src/network/serverpackethandler.cpp
+++ b/src/network/serverpackethandler.cpp
@@ -30,6 +30,8 @@
 #include "util/srp.h"
 #include "clientdynamicinfo.h"
+#include
+
 void Server::handleCommand_Deprecated(NetworkPacket* pkt)
 {
 infostream << "Server: " << toServerCommandTable[pkt->getCommand()].name
@@ -468,7 +470,11 @@ void Server::process_PlayerPos(RemotePlayer *player, PlayerSAO *playersao,
 *pkt >> bits;
 if (pkt->getRemainingBytes() >= 8) {
- *pkt >> player->control.movement_speed;
+ f32 movement_speed;
+ *pkt >> movement_speed;
+ if (movement_speed != movement_speed) // NaN
+ movement_speed = 0.0f;
+ player->control.movement_speed = std::clamp(movement_speed, 0.0f, 1.0f);
 *pkt >> player->control.movement_direction;
 } else {
 player->control.movement_speed = 0.0f;
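Review bot: `movement_direction` is still read straight from the packet on the line after the new clamp in `process_PlayerPos`, so a NaN or infinite direction sent by a client is stored unchanged in `player->control`. If `movement_x`/`movement_y` are derived from that direction with sin/cos (not visible in this hunk), they would come out NaN even though the speed is now bounded, which undercuts the guarantee the commit message gives for `get_player_control()`. Consider reading the direction into a local and rejecting non-finite values the same way as the speed, e.g. `if (!std::isfinite(movement_direction)) movement_direction = 0.0f;` (needs `<cmath>`). The same call would also state the NaN test on `movement_speed` more directly than the self-comparison, provided the build's floating-point flags leave NaN checks intact. The body of `process_PlayerPos` starts and ends outside the hunk.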