fix(network): Verify accepted type of incoming game messages

[stephanmeesters]

Currently outgoing GameMessage's are checked using Network::isTransferCommand but incoming messages are not checked, which can potentially enable certain cheats. Credits to Caball for pointing this out.

[greptile-apps]

Greptile Summary

This PR closes an anti-cheat gap by validating the GameMessage::Type of incoming network messages before appending them to TheCommandList, mirroring the outgoing check that already existed in GetCommandsFromCommandList. It also refactors isTransferCommand into a cleaner static helper isMessageTypeWithinNetworkRange that takes a Type value directly rather than a full GameMessage*.

• NetGameCommandMsg::getGameMessageType() is added so the type can be inspected before constructing the full GameMessage, avoiding an unnecessary allocation on the rejection path.
• The new incoming validation in RelayCommandsToCommandList is gated behind #if !RETAIL_COMPATIBLE_CRC; since RETAIL_COMPATIBLE_CRC defaults to 1 in GameDefines.h, the fix is inactive in standard community builds and only active in builds that explicitly opt out of retail CRC compatibility.

Confidence Score: 4/5

The refactoring is sound, but the new incoming-message type validation is compiled out in the default build, so the anti-cheat fix does not take effect in standard community releases.

The core security enforcement added by this PR — rejecting out-of-range incoming GameMessage types — is compiled out in every build where RETAIL_COMPATIBLE_CRC is 1, which is the default. The vulnerability remains open in standard community builds.

Core/GameEngine/Source/GameNetwork/Network.cpp — specifically the #if RETAIL_COMPATIBLE_CRC branching around the new validation logic

Important Files Changed

Filename	Overview
Core/GameEngine/Include/GameNetwork/NetCommandMsg.h	Adds getGameMessageType() declaration to NetGameCommandMsg; uses #pragma once correctly
Core/GameEngine/Source/GameNetwork/NetCommandMsg.cpp	Implements the trivial getGameMessageType() accessor returning m_type; no issues
Core/GameEngine/Source/GameNetwork/Network.cpp	Renames isTransferCommand to the static isMessageTypeWithinNetworkRange; adds incoming-message type validation guarded by #if !RETAIL_COMPATIBLE_CRC — the security check is inactive in the default build configuration

Sequence Diagram

sequenceDiagram
    participant Remote as Remote Client
    participant CM as ConnectionManager
    participant Net as Network::RelayCommandsToCommandList
    participant CL as TheCommandList

    Remote->>CM: Send NetGameCommandMsg (NETCOMMANDTYPE_GAMECOMMAND)
    CM->>Net: getFrameCommandList(frame)
    Net->>Net: getGameMessageType()
    alt "RETAIL_COMPATIBLE_CRC == 1 (default build)"
        Net->>CL: appendMessage(constructGameMessage()) [no type check]
    else "RETAIL_COMPATIBLE_CRC == 0"
        alt type within MSG_BEGIN..MSG_END_NETWORK_MESSAGES
            Net->>CL: appendMessage(constructGameMessage())
        else type out of range
            Net->>Net: DEBUG_LOG(rejecting game message...)
        end
    end

Loading

_{Reviews (6): Last reviewed commit: "Rework to check message type before crea..." | Re-trigger Greptile}

[xezon]

Looking good.