userMM / openhelbreath

Automatically exported from code.google.com/p/openhelbreath

GameServer buffer splitting #15

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
I have completely no idea what to do. GameServer is connecting to
LoginServer and sending REQUEST_REGISTERGAMESERVER with request config
files. Ok, but the thing is it does not come in one piece.

Any ideas? Implementation from HBChina HG is not what I am looking for. And
probably it's not as safe as I thought before.

Original issue reported on code.google.com by Drajwer@gmail.com on 19 Feb 2010 at 12:44

GoogleCodeExporter commented 9 years ago
Packets split, it's how they work. Since I suppose you're not using XSocket any more,
you still need to specify the length of the data packet you are sending in the packet
data header.

Original comment by elim...@gmail.com on 8 Mar 2010 at 3:45

GoogleCodeExporter commented 9 years ago
Never mind. I wrote a better and more secure way of reading data. In the Korean server
there is a state variable and it's switching ON/OFF, so I think it's possible to exploit it
in any way. I will sometime try an empty packet with SIZE > 3 while sent data = 3 bytes.

Please look into GateSocket.cpp. Buffer reading lacks some things. If a big packet is
split into 3 pieces, when the first one comes and it's a fake packet (size in header is
more than data that should be sent), the server does not time out a hacker. How this
should look:

- Client sends data to Server
- Server received first piece and reads header. Write to buffer.
- Server's buffer size < header.size. Don't parse packet. Start timer.
- Server is waiting...
- Server received second piece after one second. It's not a valid packet, just some random data.
- Kill player.

In case the server received the second part in a time shorter than DEF_DATATIMEOUT, call
the __Reader method. Pop data and repeat everything.

Original comment by Drajwer@gmail.com on 8 Mar 2010 at 10:35

GoogleCodeExporter commented 9 years ago
I meant, they split in that way:

PA|CKET1PAC|KET2PAC|KET3P|ACKET4

Original comment by Drajwer@gmail.com on 8 Mar 2010 at 10:38

GoogleCodeExporter commented 9 years ago
Yes that's how TCP/IP works.

"When first one came, and it's fake packet (size in header is more than data that should be sent)"
It reads the data the header said to read. The rest of the data will be read as a
header, then data again, process is repeated, etc...
If any error occurs, the client is deleted of course.

I suggest using the ACE Framework to get rid of all these network headaches.

Original comment by elim...@gmail.com on 8 Mar 2010 at 10:48
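
Added example, not code from this thread or from openhelbreath: a length-prefixed reader that reassembles frames from arbitrarily split TCP chunks and enforces the per-frame deadline discussed in the comments above. The 3-byte header layout, `kMaxFrame`, and the 1000 ms value standing in for `DEF_DATATIMEOUT` are assumptions.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Assumed wire format (not the project's): 3-byte header, byte 0 = key
// (ignored), bytes 1-2 = little-endian total frame size, header included.
constexpr std::size_t kHeaderSize = 3;
constexpr std::size_t kMaxFrame = 4096;         // constructed upper bound
constexpr std::uint64_t kDataTimeoutMs = 1000;  // stand-in for DEF_DATATIMEOUT

class FrameReader {
    std::string buf_;
    bool waiting_ = false;       // true while a partial frame is buffered
    std::uint64_t startMs_ = 0;  // when that partial frame was first seen
public:
    // Also poll this from the server loop so a silent peer is dropped too.
    bool timedOut(std::uint64_t nowMs) const {
        return waiting_ && nowMs - startMs_ > kDataTimeoutMs;
    }
    // Feed one recv() chunk. Completed payloads are appended to `out`.
    // Returns false when the connection should be closed.
    bool feed(const std::string& chunk, std::uint64_t nowMs,
              std::vector<std::string>& out) {
        if (timedOut(nowMs)) return false;
        buf_ += chunk;
        while (buf_.size() >= kHeaderSize) {
            std::size_t size = static_cast<unsigned char>(buf_[1]) |
                               (static_cast<unsigned char>(buf_[2]) << 8);
            // Reject impossible sizes before buffering any further.
            if (size < kHeaderSize || size > kMaxFrame) return false;
            if (buf_.size() < size) break;  // incomplete: wait for more
            out.push_back(buf_.substr(kHeaderSize, size - kHeaderSize));
            buf_.erase(0, size);
            waiting_ = false;               // next frame gets a fresh timer
        }
        // Start the timer once per partial frame; later pieces never reset it.
        if (!buf_.empty() && !waiting_) { waiting_ = true; startMs_ = nowMs; }
        return true;
    }
};

// Build one frame in the assumed format (helper for constructed input).
std::string makeFrame(const std::string& payload) {
    std::size_t size = kHeaderSize + payload.size();
    std::string f(kHeaderSize, '\0');
    f[1] = static_cast<char>(size & 0xff);
    f[2] = static_cast<char>(size >> 8);
    return f + payload;
}
```

Because the timer starts when a partial frame is first buffered and is not reset by later pieces, a peer that trickles one byte at a time is dropped on the same deadline as one that sends nothing.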