Hi,
I have no idea how this can happen to a server - if the patch got loaded it prevents anything beyond 255 characters from being passed to the original function.
I'm guessing, since no one else is reporting crashes/hangs/overflows, that this isnt related to your patch. Frank, are you sure beyond a doubt? If the patch wasnt working, or was crashing servers, don't you think we would see more comments here? I *know* attacks stopped against my servers once i applied the patch.
We have over a dozen servers using that patch on 3.1.1.0.c, all were tested after patching and none have went down since it was applied. I think Frank is doing something wrong. Watch your server output when you fire it up Frank, I forgot to put the .so file in the hlds_l dir on one of the servers I upgraded but caught the mistake when I saw it looking for the file on startup.
Thank you for your answers. We are investigating further into it and will retry this test.
Ok here we go. We just found the problem and it is persistent, but not as bad as supposed first. We tested it again at our LAN server and he was vulnerable again after 2 attacks. Ok, switching over to inet via 'sv_lan 0' and it works fluently. Hammered on the server with the exploit-tool but it was not going down. Switched back to lan with 'sv_lan 1' and after 2 attacks it goes to it knees.
That would be no big problem for most of you, but I'm running LAN servers too, and I don't want it to be killed by a kiddy during a tournament or similiar. Therefor when the server is running in LAN mode, another function seems to be responsible for the exploit.
I hope Dominic would take a look into this problem and could fix it.
Thx go to Bernhard again for his help.
cheers Frank
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
