Fix negativeAck exploit (crash DOS)

This commit is contained in:
ineed bots 2023-04-17 19:56:32 -06:00
parent 7f908163ca
commit ddb63bc5d2
2 changed files with 28 additions and 4 deletions

View File

@ -11,7 +11,20 @@
namespace patches namespace patches
{ {
namespace namespace
{ {
utils::hook::detour sv_executeclientmessages_hook;
void sv_executeclientmessages_stub(game::client_s* cl, game::msg_t* msg)
{
if (cl->reliableAcknowledge < 0)
{
cl->reliableAcknowledge = cl->reliableSequence;
return;
}
sv_executeclientmessages_hook.invoke<void>(cl, msg);
}
void script_errors_stub(const char* file, int line, unsigned int code, const char* fmt, ...) void script_errors_stub(const char* file, int line, unsigned int code, const char* fmt, ...)
{ {
char buffer[0x1000]; char buffer[0x1000];
@ -37,7 +50,10 @@ namespace patches
// Change 4 character name limit to 3 characters // Change 4 character name limit to 3 characters
utils::hook::set<uint8_t>(game::select(0x14224DA53, 0x140531143), 3); utils::hook::set<uint8_t>(game::select(0x14224DA53, 0x140531143), 3);
utils::hook::set<uint8_t>(game::select(0x14224DBB4, 0x1405312A8), 3); utils::hook::set<uint8_t>(game::select(0x14224DBB4, 0x1405312A8), 3);
utils::hook::set<uint8_t>(game::select(0x14224DF8C, 0x1405316DC), 3); utils::hook::set<uint8_t>(game::select(0x14224DF8C, 0x1405316DC), 3);
// make sure client's reliableAck are not negative
sv_executeclientmessages_hook.create(game::select(0x14224A460, 0x14052F840), sv_executeclientmessages_stub);
scheduler::once([] scheduler::once([]
{ {

View File

@ -1583,15 +1583,23 @@ namespace game
int client_state; int client_state;
char __pad0[0x28]; char __pad0[0x28];
netadr_t address; netadr_t address;
char __pad1[0x5588]; char gap_3C[20468];
int reliableSequence;
int reliableAcknowledge;
char gap_5038[4];
int messageAcknowledge;
char gap_5040[1416];
uint64_t xuid; uint64_t xuid;
char __pad2[0xB5D84]; char __pad2[0xB5D84];
int guid; int guid;
char __pad3[0x8]; char __pad3[0x8];
bool bIsTestClient; bool bIsTestClient;
char __pad4[0x29DAC]; char gap_BB361[3];
int serverId;
char gap_BB368[171432];
}; };
#ifdef __cplusplus #ifdef __cplusplus
static_assert(sizeof(client_s) == 0xE5110); static_assert(sizeof(client_s) == 0xE5110);