restrict packet size to 4K in server #3535

Merged
merged 1 commit into from Jul 11, 2013

Projects

None yet

3 participants

@chrisforbes
OpenRA member
  • Sending a negative length no longer crashes the server
  • Sending very large lengths can't force us to buffer stupid amounts of data

The offending client just gets kicked if they do this.

@chrisforbes chrisforbes restrict packet size to 4K in server
- Sending a negative length no longer crashes the server
- Sending very large lengths can't force us to buffer stupid amounts of data

The offending client just gets kicked if they do this.
edb08d6
@pchote pchote merged commit 9746b53 into OpenRA:bleed Jul 11, 2013

1 check passed

Details default The Travis CI build passed
@chrisforbes
OpenRA member

Will need some playtesting to make sure you can't legitimately bust the limit.

@Mailaender Mailaender commented on the diff Jul 13, 2013
OpenRA.Game/Server/Connection.cs
@@ -86,6 +87,13 @@ public void ReadData(Server server)
ExpectLength = BitConverter.ToInt32(bytes, 0) - 4;
Frame = BitConverter.ToInt32(bytes, 4);
State = ReceiveState.Data;
+
+ if (ExpectLength < 0 || ExpectLength > MaxOrderLength)
+ {
+ server.DropClient(this);
+ Log.Write("server", "Dropping client {0} for excessive order length = {1}", PlayerIndex, ExpectLength);
@Mailaender
Mailaender Jul 13, 2013

@Ripsn was hosting and kicked himself when right-click spamming infantry units:

Dropping client 0 for excessive order length = 8811

This needs to be reverted as it is game breaking with the current order code.

@chrisforbes
chrisforbes Jul 13, 2013
@Mailaender
Mailaender Jul 13, 2013

We simply reverted it in #3552 as that was faster.

@pchote
pchote Jul 14, 2013

That was just a quick hotfix so we could have a playable build.
I've restored this with a 128k limit in #3561.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment