It is funny how all the exploits were fixed within a day of posting the link to the coders list.
Chris -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Saul Rennison Sent: Friday, August 21, 2009 7:05 AM To: Discussion of Half-Life Programming Subject: Re: [hlcoders] Fragments memory corruption in the Source Engine (exploit; arbitary memory access) Don't accept console commands from players with no entity? How does the engine know when a CBasePlayer has been made for the player when it doesn't have access to it? :3 Thanks, - Saul. On 21 Aug 2009, at 08:57, AzuiSleet <[email protected]> wrote: > The solutions for some of them are very simple, but haven't been > implemented. Some easy solutions off the top of my head: Don't accept > console commands from a client if their player entity is NULL, also > don't > accept NaN as viewangles. > > On Fri, Aug 21, 2009 at 1:01 AM, Christopher Harris > <[email protected]>wrote: > >> I agree. >> >> Chris >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Spencer >> 'voogru' MacDonald >> Sent: Friday, August 21, 2009 12:43 AM >> To: 'Discussion of Half-Life Programming' >> Subject: Re: [hlcoders] Fragments memory corruption in the Source >> Engine >> (exploit; arbitary memory access) >> >> Not really. >> >> I've personally seen valve fix stuff like this once they were made >> aware of >> it. I'm wondering if this guy even alerted valve to it before >> releasing it. >> >> I don't mind him publicly disclosing stuff, but giving out pre- >> packaged >> binaries with the exploit that any 13 year old could figure out how >> to use >> is a little silly in my opinion. >> >> It's enough to describe the exploit and the specifics related to it. >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Joel R. >> Sent: Friday, August 21, 2009 12:21 AM >> To: Discussion of Half-Life Programming >> Subject: Re: [hlcoders] Fragments memory corruption in the Source >> Engine >> (exploit; arbitary memory access) >> >> Public disclosure is the only way to get something fixed. >> >> On Thu, Aug 20, 2009 at 11:09 PM, Adam "amckern" McKern >> <[email protected]>wrote: >> >>> Dont you just love public disclosure by black hats? >>> >>> -------- >>> Owner Nigredo Studios http://www.nigredostudios.com >>> >>> --- On Fri, 21/8/09, 1nsane <[email protected]> wrote: >>> >>> From: 1nsane <[email protected]> >>> Subject: Re: [hlcoders] Fragments memory corruption in the Source >>> Engine >>> (exploit; arbitary memory access) >>> To: "Discussion of Half-Life Programming" < >> [email protected] >>>> >>> Received: Friday, 21 August, 2009, 12:55 PM >>> >>> And there's still some left. >>> >>> But hey, now this is super public! >>> >>> On Thu, Aug 20, 2009 at 10:49 PM, AzuiSleet <[email protected]> >>> wrote: >>> >>>> These exploits are already public, and have been floating around >>>> for >>> years >>>> before anyway. >>>> >>>> On Thu, Aug 20, 2009 at 8:43 PM, Matt Hoffman >>>> <[email protected]>wrote: >>>> >>>>> Is it really a good idea to post the link? Not everyone on this >>>>> list >>> has >>>>> the >>>>> best intentions, nor do I think anyone can do anything about it? >>> (Correct >>>>> me >>>>> if I'm wrong) >>>>> >>>>> Wouldn't it work better directly mailed to Valve? >>>>> >>>>> On Thu, Aug 20, 2009 at 7:37 PM, Saul Rennison < >>> [email protected] >>>>>> wrote: >>>>> >>>>>> Luigi has found yet another exploit in Valve's up-to-date, >>>>>> unexploitable engine :D >>>>>> >>>>>> >>>>>> >>>>>> Thanks, >>>>>> - Saul. >>>>>> >>>>>> _______________________________________________ >>>>>> To unsubscribe, edit your list preferences, or view the list >>> archives, >>>>>> please visit: >>>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list >> archives, >>>>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>>> >>>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>>> >>>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>> >>> >>> >>> >>> >>> >> >> ____________________________________________________________________________ >> ______ >>> Find local businesses and services in your area with Yahoo!7 Local. >>> Get started: http://local.yahoo.com.au >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlcoders >>> >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlcoders >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlcoders >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlcoders >> >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlcoders > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders
