rcon: add flooding protection

src/client/component/auth.cpp

@@ -25,6 +25,8 @@ namespace auth
 {
 	namespace
 	{
+		const game::dvar_t* password;
+
 		std::array<uint64_t, 18> client_xuids{};
 
 		std::string get_hdd_serial()
@@ -336,6 +338,11 @@ namespace auth
 			// Intercept SV_DirectConnect in SV_AddTestClient
 			utils::hook::call(game::select(0x1422490DC, 0x14052E582), direct_connect_bots_stub);
 
+			scheduler::once([]
+			{
+				password = game::register_dvar_string("password", "", game::DVAR_USERINFO, "password");
+			}, scheduler::pipeline::main);
+
 			// Patch steam id bit check
 			std::vector<std::pair<size_t, size_t>> patches{};
 			const auto p = [&patches](const size_t a, const size_t b)

src/client/component/dvars_patches.cpp

@@ -13,7 +13,7 @@ namespace dvars_patches
 	{
 		void patch_dvars()
 		{
-			game::register_sessionmode_dvar_bool("com_pauseSupported", !game::is_server(), game::DVAR_SERVERINFO, "Whether is pause is ever supported by the game mode");
+			(void)game::register_sessionmode_dvar_bool("com_pauseSupported", !game::is_server(), game::DVAR_SERVERINFO, "Whether is pause is ever supported by the game mode");
 		}
 
 		void patch_flags()

src/client/component/patches.cpp

@@ -2,10 +2,8 @@
 #include "loader/component_loader.hpp"
 
 #include <game/game.hpp>
-#include <game/utils.hpp>
 
 #include "network.hpp"
-#include "scheduler.hpp"
 
 #include <utils/hook.hpp>
 
@@ -56,11 +54,6 @@ namespace patches
 
 			// make sure client's reliableAck are not negative
 			sv_execute_client_messages_hook.create(game::select(0x14224A460, 0x14052F840), sv_execute_client_messages_stub);
-
-			scheduler::once([]
-			{
-				game::register_dvar_string("password", "", game::DVAR_USERINFO, "password");
-			}, scheduler::pipeline::main);
 		}
 	};
 }

src/client/component/rcon.cpp

@@ -7,7 +7,6 @@
 #include "scheduler.hpp"
 
 #include <utils/finally.hpp>
-#include <utils/string.hpp>
 
 #include <game/utils.hpp>
 
@@ -15,9 +14,13 @@ namespace rcon
 {
 	namespace
 	{
+		const game::dvar_t* rcon_timeout;
+
+		std::unordered_map<std::size_t, int> rate_limit_map;
+
 		std::optional<std::string> get_and_validate_rcon_command(const std::string& data)
 		{
-			const command::params params{data.data()};
+			const command::params params{data};
 
 			if (params.size() <= 1)
 			{
@@ -52,8 +55,51 @@ namespace rcon
 			network::send(target, "print", console_buffer);
 		}
 
+		bool rate_limit_check(const game::netadr_t& address, const int time)
+		{
+			const auto hash = std::hash<game::netadr_t>()(address);
+			if (!rate_limit_map.contains(hash))
+			{
+				rate_limit_map[hash] = 0;
+			}
+
+			const auto last_time = rate_limit_map[hash];
+
+			if (last_time && (time - last_time) < rcon_timeout->current.value.integer)
+			{
+				return false; // Flooding
+			}
+
+			rate_limit_map[hash] = time;
+			return true;
+		}
+
+		void rate_limit_cleanup(const int time)
+		{
+			for (auto i = rate_limit_map.begin(); i != rate_limit_map.end();)
+			{
+				// No longer at risk of flooding, remove
+				if ((time - i->second) > rcon_timeout->current.value.integer)
+				{
+					i = rate_limit_map.erase(i);
+				}
+				else
+				{
+					++i;
+				}
+			}
+		}
+
 		void rcon_handler(const game::netadr_t& target, const network::data_view& data)
 		{
+			const auto time = game::Sys_Milliseconds();
+			if (!rate_limit_check(target, time))
+			{
+				return;
+			}
+
+			rate_limit_cleanup(time);
+
 			auto str_data = std::string(reinterpret_cast<const char*>(data.data()), data.size());
 			scheduler::once([target, s = std::move(str_data)]
 			{
@@ -67,6 +113,8 @@ namespace rcon
 		void post_unpack() override
 		{
 			network::on("rcon", rcon_handler);
+
+			rcon_timeout = game::register_dvar_int("rcon_timeout", 500, 100, 10000, game::DVAR_NONE, "");
 		}
 	};
 }

src/client/game/symbols.hpp

@@ -97,7 +97,7 @@ namespace game
 	WEAK symbol<bool(char const*, netadr_t*)> NET_StringToAdr{0x142172780, 0x140515110};
 
 	// Sys
-	WEAK symbol<int()> Sys_Milliseconds{0x142332870};
+	WEAK symbol<int()> Sys_Milliseconds{0x142332870, 0x1405972F0};
 	WEAK symbol<void()> Sys_ShowConsole{0x1423333C0, 0x140597E40};
 	WEAK symbol<TLSData*()> Sys_GetTLS{0x1421837B0, 0x140525EB0};
 	WEAK symbol<TLSData*()> Sys_IsDatabaseReady{0x142183A60};
@@ -124,6 +124,10 @@ namespace game
 	                    const char* description)> Dvar_RegisterBool{
 		0x1422D0900, 0x14057B500
 	};
+	WEAK symbol<dvar_t*(dvarStrHash_t hash, const char* dvarName, int value, int min, int max, unsigned int flags,
+	                    const char* description)> Dvar_RegisterInt{
+		0x0, 0x14057B7B0
+	};
 	WEAK symbol<dvar_t*(dvarStrHash_t hash, const char* dvarName, float value, float min, float max, unsigned int flags,
 	                    const char* description)> Dvar_RegisterFloat{
 		0x0, 0x14057B6B0

src/client/game/utils.cpp

@@ -45,7 +45,7 @@ namespace game
 		return dvar->current.value.enabled;
 	}
 
-	const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, const bool value, const int flags,
+	const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, const bool value, const unsigned int flags,
 	                                             const char* description, const eModes mode)
 	{
 		const auto hash = Dvar_GenerateHash(dvar_name);
@@ -71,7 +71,7 @@ namespace game
 		return registered_dvar;
 	}
 
-	const dvar_t* register_dvar_bool(const char* dvar_name, const bool value, const int flags, const char* description)
+	const dvar_t* register_dvar_bool(const char* dvar_name, const bool value, const unsigned int flags, const char* description)
 	{
 		const auto hash = Dvar_GenerateHash(dvar_name);
 		auto* registered_dvar = Dvar_RegisterBool(hash, dvar_name, value, flags, description);
@@ -84,7 +84,21 @@ namespace game
 		return registered_dvar;
 	}
 
-	const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, const int flags,
+	const dvar_t* register_dvar_int(const char* dvar_name, int value, int min, int max, const unsigned int flags,
+		const char* description)
+	{
+		const auto hash = Dvar_GenerateHash(dvar_name);
+		auto* registered_dvar = Dvar_RegisterInt(hash, dvar_name, value, min, max, flags, description);
+
+		if (registered_dvar)
+		{
+			registered_dvar->debugName = dvar_name;
+		}
+
+		return registered_dvar;
+	}
+
+	const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, const unsigned int flags,
 	                                  const char* description)
 	{
 		const auto hash = Dvar_GenerateHash(dvar_name);
@@ -98,7 +112,7 @@ namespace game
 		return registered_dvar;
 	}
 
-	const dvar_t* register_dvar_string(const char* dvar_name, const char* value, const int flags,
+	const dvar_t* register_dvar_string(const char* dvar_name, const char* value, const unsigned int flags,
 	                                   const char* description)
 	{
 		const auto hash = Dvar_GenerateHash(dvar_name);
@@ -112,7 +126,7 @@ namespace game
 		return registered_dvar;
 	}
 
-	void dvar_add_flags(const char* dvar_name, const dvarFlags_e flags)
+	void dvar_add_flags(const char* dvar_name, const unsigned int flags)
 	{
 		auto* dvar = Dvar_FindVar(dvar_name);
 
@@ -132,7 +146,7 @@ namespace game
 		dvar_to_change->flags |= flags;
 	}
 
-	void dvar_set_flags(const char* dvar_name, const dvarFlags_e flags)
+	void dvar_set_flags(const char* dvar_name, const unsigned int flags)
 	{
 		auto* dvar = Dvar_FindVar(dvar_name);
 

src/client/game/utils.hpp

@@ -4,20 +4,21 @@
 
 namespace game
 {
-	std::string get_dvar_string(const char* dvar_name);
+	[[nodiscard]] std::string get_dvar_string(const char* dvar_name);
-	int get_dvar_int(const char* dvar_name);
+	[[nodiscard]] int get_dvar_int(const char* dvar_name);
-	bool get_dvar_bool(const char* dvar_name);
+	[[nodiscard]] bool get_dvar_bool(const char* dvar_name);
 
-	const dvar_t* register_dvar_bool(const char* dvar_name, bool value, int flags, const char* description);
+	[[nodiscard]] const dvar_t* register_dvar_bool(const char* dvar_name, bool value, unsigned int flags, const char* description);
-	const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, const int flags, const char* description);
+	[[nodiscard]] const dvar_t* register_dvar_int(const char* dvar_name, int value, int min, int max, unsigned int flags, const char* description);
-	const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, bool value, int flags, const char* description, eModes mode = MODE_COUNT);
+	[[nodiscard]] const dvar_t* register_dvar_float(const char* dvar_name, float value, float min, float max, unsigned int flags, const char* description);
-	const dvar_t* register_dvar_string(const char* dvar_name, const char* value, int flags, const char* description);
+	[[nodiscard]] const dvar_t* register_sessionmode_dvar_bool(const char* dvar_name, bool value, unsigned int flags, const char* description, eModes mode = MODE_COUNT);
+	[[nodiscard]] const dvar_t* register_dvar_string(const char* dvar_name, const char* value, unsigned int flags, const char* description);
 
-	void dvar_add_flags(const char* dvar, dvarFlags_e flags);
+	void dvar_add_flags(const char* dvar, unsigned int flags);
-	void dvar_set_flags(const char* dvar_name, dvarFlags_e flags);
+	void dvar_set_flags(const char* dvar_name, unsigned int flags);
 
-	bool is_server_running();
+	[[nodiscard]] bool is_server_running();
-	size_t get_max_client_count();
+	[[nodiscard]] size_t get_max_client_count();
 
 	void foreach_client(const std::function<void(client_s&, size_t index)>& callback);
 	void foreach_client(const std::function<void(client_s&)>& callback);

src/client/steam/interfaces/matchmaking_servers.cpp

@@ -305,7 +305,8 @@ namespace steam
 		auto& servers_list = hRequest == favorites_request ? favorites_servers : internet_servers;
 
 		static thread_local gameserveritem_t server_item{};
-		return servers_list.access<gameserveritem_t*>([iServer](const servers& s) -> gameserveritem_t* {
+		return servers_list.access<gameserveritem_t*>([iServer](const servers& s) -> gameserveritem_t*
+		{
 			if (iServer < 0 || static_cast<size_t>(iServer) >= s.size())
 			{
 				return nullptr;