Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix crash triggered by clients sending too-new SDL. #156

Merged
merged 1 commit into from
Oct 6, 2021

Conversation

Hoikas
Copy link
Member

@Hoikas Hoikas commented Oct 6, 2021

If someone is hacking, developing, etc., then they may have an SDL descriptor that is newer than what the server knows about. This is most likely to happen for Age SDL (eg Personal, Kveer, etc). The client blindly updates any out of date Age Vault SDL that it finds to whatever it thinks the most recent descriptor is. This fixes the DS vault SDL merging code to be more selective and not crash when receiving an "invalid" SDL blob.

To reproduce, open the Personal.sdl file in your client, copy the last STATEDESC, and increment its version.

If someone is hacking, developing, etc., then they may have an SDL
descriptor that is newer than what the server knows about. This is most
likely to happen for Age SDL (eg Personal, Kveer, etc). The client
blindly updates any out of date Age Vault SDL that it finds to whatever
it thinks the most recent descriptor is. This fixes the DS vault SDL
merging code to be more selective and not crash when receiving an
"invalid" SDL blob.

To reproduce, open the Personal.sdl file in your client, copy the last
STATEDESC, and increment its version.
@zrax zrax merged commit 2cc8636 into H-uru:master Oct 6, 2021
@Hoikas Hoikas deleted the agesdl_crash branch October 7, 2021 00:09
@Hoikas Hoikas mentioned this pull request Oct 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants