Closed GoogleCodeExporter closed 9 years ago
Packets split, it's how they work. Since I suppose you're not using XSocket any more, you still need to specify the length of the data packet you are sending in the packet data header.
Original comment by elim...@gmail.com
on 8 Mar 2010 at 3:45
Never mind. I wrote a better and secure way of reading data. In the Korean server there is a state variable and its switching ON/OFF so I think it's possible to exploit it in any way. I will try sometime an empty packet with SIZE > 3 while sent data = 3 bytes.
Please look into GateSocket.cpp. Buffer reading lacks some things. If a big packet is split into 3 pieces. When first one came, and it's fake packet (size in header is more than data that should be sent) so server does not time out a hacker. How this should look:
- Client sends data to Server
- Server received first piece and reads header. Write to buffer.
- Server's buffer size < header.size. Don't parse packet. Start timer.
- Server is waiting...
- Server received second piece after one second. It's not valid packet, just some random data.
- Kill player.
In case server received second part in time shorter than DEF_DATATIMEOUT, call __Reader method. Pop data and repeat everything.
Original comment by Drajwer@gmail.com
on 8 Mar 2010 at 10:35
I meant, they split in that way:
PA|CKET1PAC|KET2PAC|KET3P|ACKET4
Original comment by Drajwer@gmail.com
on 8 Mar 2010 at 10:38
Yes that's how TCP/IP works.
"When first one came, and it's fake packet (size in header is more than data that should be sent)"
It reads the data the header said to read. The rest of the data will be read as a header, then data again, process is repeated, etc...
If any error occurs, the client is deleted of course.
I suggest using the ACE Framework to get rid of all these network headaches.
Original comment by elim...@gmail.com
on 8 Mar 2010 at 10:48
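The framing rules discussed in this thread (read a length header, buffer until the payload is complete, drop a client whose partial packet does not complete in time), as an added example that is not code from GateSocket.cpp or from either commenter. The 2-byte big-endian header, `kMaxPayload`, the 1000 ms value standing in for `DEF_DATATIMEOUT`, and the `FrameReader` and `encodeFrame` names are all assumptions.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Assumed wire format (not from GateSocket.cpp): 2-byte big-endian length, then payload.
constexpr std::size_t kHeaderSize = 2;
constexpr std::size_t kMaxPayload = 1024;  // assumed upper bound for one packet
constexpr long kTimeoutMs = 1000;          // stands in for DEF_DATATIMEOUT; value assumed
enum class Status { Ok, Drop };

// Builds one framed packet (used for constructed sample data).
std::string encodeFrame(const std::string& p) {
    std::string f;
    f.push_back(static_cast<char>((p.size() >> 8) & 0xFF));
    f.push_back(static_cast<char>(p.size() & 0xFF));
    return f + p;
}

class FrameReader {
public:
    // Append one TCP read; move every complete payload into out.
    Status feed(const std::string& chunk, long nowMs, std::vector<std::string>& out) {
        if (tick(nowMs) == Status::Drop) return Status::Drop;  // partial frame is overdue
        if (buf_.empty()) startedMs_ = nowMs;                  // first bytes of a new frame
        buf_ += chunk;
        while (buf_.size() >= kHeaderSize) {
            std::size_t len = (static_cast<unsigned char>(buf_[0]) << 8) |
                              static_cast<unsigned char>(buf_[1]);
            if (len > kMaxPayload) return Status::Drop;        // bogus or desynchronised header
            if (buf_.size() < kHeaderSize + len) break;        // incomplete: wait, timer keeps running
            out.push_back(buf_.substr(kHeaderSize, len));
            buf_.erase(0, kHeaderSize + len);
            startedMs_ = nowMs;                                // leftover bytes start the next frame
        }
        return Status::Ok;
    }
    // Call from the server's timer: the deadline is per frame, not per read,
    // so trickling bytes does not extend it.
    Status tick(long nowMs) const {
        return (!buf_.empty() && nowMs - startedMs_ > kTimeoutMs) ? Status::Drop : Status::Ok;
    }
private:
    std::string buf_;
    long startedMs_ = 0;
};

int main() {
    FrameReader r; std::vector<std::string> out;
    return r.feed(encodeFrame("PACKET1"), 0, out) == Status::Ok && out.size() == 1 ? 0 : 1;
}
```

On `Status::Drop` the caller closes the connection; the reader holds no state worth resynchronising once a header has been misread.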
Original issue reported on code.google.com by
Drajwer@gmail.com
on 19 Feb 2010 at 12:44