Merge pull request #129 from diamante0018/netchan/fix-2

[Network] Check for invalid reliableAcknowledge
This commit is contained in:
Dss0 2021-09-13 23:34:34 +02:00 committed by GitHub
commit a22eac5c46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 39 additions and 8 deletions

View File

@ -14,7 +14,7 @@ namespace Components
{ {
Game::SockadrToNetadr(addr, &this->address); Game::SockadrToNetadr(addr, &this->address);
} }
bool Network::Address::operator==(const Network::Address &obj) const bool Network::Address::operator==(const Network::Address& obj) const
{ {
return Game::NET_CompareAdr(this->address, obj.address); return Game::NET_CompareAdr(this->address, obj.address);
} }
@ -342,6 +342,20 @@ namespace Components
Game::NET_DeferPacketToClient(from, msg); Game::NET_DeferPacketToClient(from, msg);
} }
void Network::SV_ExecuteClientMessageStub(Game::client_t* client, Game::msg_t* msg)
{
if (client->reliableAcknowledge < 0)
{
Logger::Print("Negative reliableAcknowledge from %s - cl->reliableSequence is %i, reliableAcknowledge is %i\n",
client->name, client->reliableSequence, client->reliableAcknowledge);
client->reliableAcknowledge = client->reliableSequence;
Network::SendCommand(Game::NS_SERVER, client->netchan.remoteAddress, "error", "EXE_LOSTRELIABLECOMMANDS");
return;
}
Utils::Hook::Call<void(Game::client_t*, Game::msg_t*)>(0x414D40)(client, msg);
}
Network::Network() Network::Network()
{ {
AssertSize(Game::netadr_t, 20); AssertSize(Game::netadr_t, 20);
@ -381,6 +395,9 @@ namespace Components
// Fix packets causing buffer overflow // Fix packets causing buffer overflow
Utils::Hook(0x6267E3, Network::NET_DeferPacketToClientStub, HOOK_CALL).install()->quick(); Utils::Hook(0x6267E3, Network::NET_DeferPacketToClientStub, HOOK_CALL).install()->quick();
// Fix server freezer exploit
Utils::Hook(0x626996, Network::SV_ExecuteClientMessageStub, HOOK_CALL).install()->quick();
Network::Handle("resolveAddress", [](Address address, const std::string& /*data*/) Network::Handle("resolveAddress", [](Address address, const std::string& /*data*/)
{ {
Network::SendRaw(address, address.getString()); Network::SendRaw(address, address.getString());

View File

@ -89,6 +89,8 @@ namespace Components
static void PacketErrorCheck(); static void PacketErrorCheck();
static void NET_DeferPacketToClientStub(Game::netadr_t* from, Game::msg_t* msg); static void NET_DeferPacketToClientStub(Game::netadr_t* from, Game::msg_t* msg);
static void SV_ExecuteClientMessageStub(Game::client_t* client, Game::msg_t* msg);
}; };
} }

View File

@ -534,10 +534,10 @@ namespace Game
typedef bool(__cdecl * NET_StringToAdr_t)(const char *s, netadr_t *a); typedef bool(__cdecl * NET_StringToAdr_t)(const char *s, netadr_t *a);
extern NET_StringToAdr_t NET_StringToAdr; extern NET_StringToAdr_t NET_StringToAdr;
typedef void(__cdecl* NET_OutOfBandPrint_t)(netsrc_t sock, netadr_t adr, const char *data); typedef void(__cdecl * NET_OutOfBandPrint_t)(netsrc_t sock, netadr_t adr, const char *data);
extern NET_OutOfBandPrint_t NET_OutOfBandPrint; extern NET_OutOfBandPrint_t NET_OutOfBandPrint;
typedef void(__cdecl* NET_OutOfBandData_t)(netsrc_t sock, netadr_t adr, const char *format, int len); typedef void(__cdecl * NET_OutOfBandData_t)(netsrc_t sock, netadr_t adr, const char *format, int len);
extern NET_OutOfBandData_t NET_OutOfBandData; extern NET_OutOfBandData_t NET_OutOfBandData;
typedef void(__cdecl * Live_MPAcceptInvite_t)(_XSESSION_INFO *hostInfo, const int controllerIndex, bool fromGameInvite); typedef void(__cdecl * Live_MPAcceptInvite_t)(_XSESSION_INFO *hostInfo, const int controllerIndex, bool fromGameInvite);

View File

@ -5417,15 +5417,27 @@ namespace Game
int reliableSequence; // 134748 int reliableSequence; // 134748
int reliableAcknowledge; // 134752 int reliableAcknowledge; // 134752
int reliableSent; // 134756 int reliableSent; // 134756
char __pad4[1084]; // 134760 int messageAcknowledge; // 134760
int gamestateMessageNum; // 134764
int challenge; // 134768
usercmd_s lastUsercmd; // 134772
int lastClientCommand; // 134812
char lastClientCommandString[1024]; // 134816
gentity_t* gentity; // 135840
char name[16]; // 135844 char name[16]; // 135844
char __pad5[12]; // 135860 char __pad4[4]; // 135860
int lastPacketTime; // 135864
int lastConnectTime; // 135868
int snapNum; // 135872 int snapNum; // 135872
int __pad6; // 135876 int __pad5; // 135876
short ping; // 135880 short ping; // 135880
char __pad7[133158]; // 135882 char __pad6[14]; // 135882
int pureAuthentic; // 135896
char __pad7[133138]; // 135900
short scriptID; // 269038
int isBot; // 269040 int isBot; // 269040
char __pad8[9228]; // 269044 int serverID; // 269044
char __pad8[9224]; // 269048
unsigned __int64 steamID; // 278272 unsigned __int64 steamID; // 278272
char __pad9[403592]; // 278280 char __pad9[403592]; // 278280
} client_t; } client_t;