Same here, I have custom maps on mapcycle that are bigger than 64MB on
their natural size. Great update once again!
-ics
E. Olsen kirjoitti:
Great - we have over a dozen payload maps affected by this.
On Fri, Apr 25, 2014 at 12:38 AM, Ross Bemrose <[email protected]
<mailto:[email protected]>> wrote:
For those of you wondering, it was also pushed to TF2 in today's
update, which means maps like pl_cashworks_final1 are broken
because they are larger than 64MB uncompressed.
On 4/24/2014 10:58 PM, Daniel Barreiro wrote:
I reported it to Eric. It's an issue with how they fixed the
decompressed file size check.
A TL;DR of the entire situation is I found an exploit that
allowed you to zip-bomb clients over fastdl. Reported it. They
fixed it by making FastDL listen to net_maxfilesize.
Net_maxfilesize is engine-locked to 64MB, which means even if the
map is sent over FastDL, if the uncompressed file is more than
64MB, it wont download it on the client.
I sent him an email about this issue this caused, and asked if
they could whitelist BSP files. The zip-bomb exploit wont work
with BSPs as you can only send a single bsp file over FastDL per
connect, and the server has to be running the map. That would
cause the exploit to not work.
On Thu, Apr 24, 2014 at 10:53 PM, Bubka3 <[email protected]
<mailto:[email protected]>> wrote:
Is anyone having issues with map downloads after this? It
says the map is missing. I checked my FastDL web server logs
and it returned HTTP 200 to the client.
Eric Smith <mailto:[email protected]>
Thursday, April 24, 2014 7:14 PM
The updates have been released.
-Eric
-----Original Message-----
From: [email protected]
<mailto:[email protected]>
[mailto:[email protected]] On
Behalf Of Eric Smith
Sent: Thursday, April 24, 2014 3:59 PM
To: Half-Life dedicated Win32 server mailing list
([email protected]
<mailto:[email protected]>); Half-Life dedicated
Linux server mailing list ([email protected]
<mailto:[email protected]>);
'[email protected]
<mailto:[email protected]>'
([email protected]
<mailto:[email protected]>)
Subject: [hlds_announce] Mandatory CS:S, DoD:S, and HL2:DM
updates coming soon
We're releasing mandatory updates for CS:S, DoD:S, and
HL2:DM. The notes for the updates are below. The new version
for each game will be 2198641.
The updates should be out in about 15 minutes.
-Eric
======================
- Fixed an issue where plugin_load may load a non-binary
file type
- Fixed an issue where decompressed file sizes were not
being checked by the engine
_______________________________________________
To unsubscribe, edit your list preferences, or view the list
archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
--
Bubka3<http://www.getpostbox.com>
_______________________________________________
To unsubscribe, edit your list preferences, or view the list
archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
_______________________________________________
To unsubscribe, edit your list preferences, or view the list
archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
