So it is not even coded to the cvar, it's just hard-coded to 64MB?

Daniel Barreiro <mailto:[email protected]>
Friday, April 25, 2014 10:04 AM

The default is 16, but I did a test and even with it set to 16 on the client, it only prevented it if it was larger than 64MB.

Sent from my Android Phone. Please ignore any errors.

_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Bubka3 <mailto:[email protected]>
Friday, April 25, 2014 8:40 AM
Isn't the limit by default 16? I highly doubt many clients have changed their cvar setting to allow for a 64MB download...


Kyle Sanderson <mailto:[email protected]>
Friday, April 25, 2014 1:27 AM
I don't know why this update was required for servers.

If we can't extract maps larger than 64M, then this is indeed a significant problem. Unfortunately a lot of ignorance is present with shipping assets, and since the VPK system is busted by design. This definitely needs to get backed out before the weekend. There's a great deal of CS:S maps that we, along with many other servers, unfortunately host that are over 250M compressed with bz2. Uncompressed they're surpassing 500M, primarily due to the fact assets can't be shipped and mounted via versioned VPKs.

Regards,
Kyle.



Daniel Barreiro <mailto:[email protected]>
Thursday, April 24, 2014 10:58 PM
I reported it to Eric. It's an issue with how they fixed the decompressed file size check.

A TL;DR of the entire situation is I found an exploit that allowed you to zip-bomb clients over fastdl. Reported it. They fixed it by making FastDL listen to net_maxfilesize. Net_maxfilesize is engine-locked to 64MB, which means even if the map is sent over FastDL, if the uncompressed file is more than 64MB, it won't download it on the client.

I sent him an email about the issue this caused, and asked if they could whitelist BSP files. The zip-bomb exploit won't work with BSPs as you can only send a single bsp file over FastDL per connect, and the server has to be running the map. That would cause the exploit to not work.
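The fix described in the message above bounds the decompressed size of a FastDL file instead of trusting its compressed size. The following Python code is an added example, not part of the original thread and not Valve's engine code: it streams a bz2 file through a hard output cap. The names `bunzip2_capped` and `cap_for` are hypothetical, the 64 MiB default is the limit quoted in the thread, and the per-extension override is an assumption that models the BSP exemption requested there.

```python
import bz2
import os

MIB = 1024 * 1024
DEFAULT_CAP = 64 * MIB  # the 64MB engine limit mentioned in the thread


class DecompressedTooLarge(Exception):
    """Raised when a stream expands past its allowed size."""


def cap_for(filename, overrides=None, default_cap=DEFAULT_CAP):
    """Hypothetical policy: per-extension caps (e.g. a larger one for .bsp)."""
    name = filename.lower()
    if name.endswith(".bz2"):
        name = name[:-4]  # FastDL serves foo.bsp.bz2; judge the inner type
    ext = os.path.splitext(name)[1]
    return (overrides or {}).get(ext, default_cap)


def bunzip2_capped(compressed, max_bytes, chunk=64 * 1024):
    """Decompress one bz2 stream, aborting once output exceeds max_bytes."""
    dec = bz2.BZ2Decompressor()
    out = bytearray()
    data = compressed
    while not dec.eof:
        # max_length bounds the output of each call, so memory use never
        # exceeds max_bytes + chunk no matter how small the input is.
        piece = dec.decompress(data, max_length=chunk)
        data = b""  # remaining input is buffered inside the decompressor
        out += piece
        if len(out) > max_bytes:
            raise DecompressedTooLarge(f"output exceeds {max_bytes} bytes")
        if not piece and dec.needs_input and not dec.eof:
            raise ValueError("truncated bz2 stream")
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample: 8 MiB of zeros compresses to well under 4 KiB.
    blob = bz2.compress(b"\0" * (8 * MIB))
    print(len(blob), "compressed bytes")
    print(len(bunzip2_capped(blob, cap_for("demo.bsp.bz2"))), "bytes out")
    try:
        bunzip2_capped(blob, 1 * MIB)
    except DecompressedTooLarge as exc:
        print("rejected:", exc)
```

Checking the running output total, rather than the compressed length or a size field, is what makes the cap hold for a highly compressible file.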



Bubka3 <mailto:[email protected]>
Thursday, April 24, 2014 10:53 PM
Is anyone having issues with map downloads after this? It says the map is missing. I checked my FastDL web server logs and it returned HTTP 200 to the client.



--
Bubka3<http://www.getpostbox.com>
