Merge pull request #553 from ineedbots/main
Fix negativeAck exploit (crash DOS)
This commit is contained in:
commit
3d440eabc5
@ -12,6 +12,19 @@ namespace patches
|
|||||||
{
|
{
|
||||||
namespace
|
namespace
|
||||||
{
|
{
|
||||||
|
utils::hook::detour sv_executeclientmessages_hook;
|
||||||
|
|
||||||
|
void sv_executeclientmessages_stub(game::client_s* client, game::msg_t* msg)
|
||||||
|
{
|
||||||
|
if (client->reliableAcknowledge < 0)
|
||||||
|
{
|
||||||
|
client->reliableAcknowledge = client->reliableSequence;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
sv_executeclientmessages_hook.invoke<void>(client, msg);
|
||||||
|
}
|
||||||
|
|
||||||
void script_errors_stub(const char* file, int line, unsigned int code, const char* fmt, ...)
|
void script_errors_stub(const char* file, int line, unsigned int code, const char* fmt, ...)
|
||||||
{
|
{
|
||||||
char buffer[0x1000];
|
char buffer[0x1000];
|
||||||
@ -39,6 +52,9 @@ namespace patches
|
|||||||
utils::hook::set<uint8_t>(game::select(0x14224DBB4, 0x1405312A8), 3);
|
utils::hook::set<uint8_t>(game::select(0x14224DBB4, 0x1405312A8), 3);
|
||||||
utils::hook::set<uint8_t>(game::select(0x14224DF8C, 0x1405316DC), 3);
|
utils::hook::set<uint8_t>(game::select(0x14224DF8C, 0x1405316DC), 3);
|
||||||
|
|
||||||
|
// make sure client's reliableAck are not negative
|
||||||
|
sv_executeclientmessages_hook.create(game::select(0x14224A460, 0x14052F840), sv_executeclientmessages_stub);
|
||||||
|
|
||||||
scheduler::once([]
|
scheduler::once([]
|
||||||
{
|
{
|
||||||
game::register_dvar_string("password", "", game::DVAR_USERINFO, "password");
|
game::register_dvar_string("password", "", game::DVAR_USERINFO, "password");
|
||||||
|
@ -1583,15 +1583,23 @@ namespace game
|
|||||||
int client_state;
|
int client_state;
|
||||||
char __pad0[0x28];
|
char __pad0[0x28];
|
||||||
netadr_t address;
|
netadr_t address;
|
||||||
char __pad1[0x5588];
|
char gap_3C[20468];
|
||||||
|
int reliableSequence;
|
||||||
|
int reliableAcknowledge;
|
||||||
|
char gap_5038[4];
|
||||||
|
int messageAcknowledge;
|
||||||
|
char gap_5040[1416];
|
||||||
uint64_t xuid;
|
uint64_t xuid;
|
||||||
char __pad2[0xB5D84];
|
char __pad2[0xB5D84];
|
||||||
int guid;
|
int guid;
|
||||||
char __pad3[0x8];
|
char __pad3[0x8];
|
||||||
bool bIsTestClient;
|
bool bIsTestClient;
|
||||||
char __pad4[0x29DAC];
|
char gap_BB361[3];
|
||||||
|
int serverId;
|
||||||
|
char gap_BB368[171432];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
static_assert(sizeof(client_s) == 0xE5110);
|
static_assert(sizeof(client_s) == 0xE5110);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user