SDT0601: Missing StringPacket Attribute
| Property | Value |
|---|---|
| Rule ID | SDT0601 |
| Title | Missing StringPacket Attribute |
| Category | Network |
| Severity | Error |
Cause
A string parameter is being passed through a Remote Procedure Call (RPC), but it is not decorated with the [StringPacket] attribute, or the attribute specifies a maxLength of 0 or less.
Because strings are dynamically sized, the network layer requires a strict maximum byte size to safely pre-allocate buffers and prevent buffer overflow attacks or excessive bandwidth usage.
Rule Description
All string parameters in RPC methods must explicitly declare their maximum allowed length.
How to Fix Violations
To fix a violation of this rule, decorate the string parameter with the [StringPacket] attribute and provide a positive integer for the maximum size.
Violation:
[RPC(PacketBroadcast.Client)]
public void RPC_SendChatMessage(string message)
{
// ...
}
Fix:
[RPC(PacketBroadcast.Client)]
public void RPC_SendChatMessage([StringPacket(maxLength: 256)] string message)
{
// ...
}
When to Suppress Warnings
Danger
Do not suppress this error. The build will fail if it cannot determine the maximum size of the string payload.