I've searched for more information about this case. The vcrash bug is explained on these sites:

http://dragons-portal.org/forum/viewtopic.php?f=31&t=2261
http://www.zhyk.org/showthread.php?t=84068

Use Google Translate to translate it from Russian to English. Also, with zhyk.org, you can use the Google cache while their page returns 502.

In short [from dragons-portal, translated by Google Translate], here's how it works:

The server drops due to the data in the second packet:

    00 00 00 01 00 00 00 00 5B 19 01 01 1B 01 11 41 01 11 41 01 56 04 18 41 04 54 14 04 11 51 41 44 53 41 11 01 41 11 01 01

This is encrypted data. In fact, this message, when decoded, is as follows:

    08 44 44 44 44 44 44 44

In this line, 8 means a packet of type clc_voicedata (i.e., voice data from the player). The following 2 bytes (0x4444) are the length of the voice data. And as you know, if the value is greater than 0x1000, the server itself falls (with the error "Host_Error: SV_ParseVoiceData: invalid incoming packet" and exits).

As you see, there's only a standard buffer overflow.

2010/3/4 Saul Rennison <[email protected]>:
> The code is 7 years old ;)
>

There is also a clue about this case occurring back in... 2002!
http://www.mail-archive.com/hlds_linux%40list.valvesoftware.com/msg04428.html

BTW. I have also added a dump of 3 packets of running hlds_fuck - it crashes the server in the connect packet.

BTW2. You can read .pcap files with Wireshark or tcpdump.

--
Damian
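An added example, not part of the original message and not the engine's own code: a length check for the clc_voicedata layout described above that rejects an oversized or truncated message as a per-client error instead of terminating the server. The type value 8 and the 0x1000 limit come from the message; the little-endian length field, the function name and the status codes are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CLC_VOICEDATA 8       /* message type given in the post */
#define MAX_VOICE_LEN 0x1000  /* limit given in the post */

typedef enum { VOICE_OK, VOICE_NOT_VOICE, VOICE_TRUNCATED, VOICE_TOO_LONG } voice_status;

/* Hypothetical helper: validate one clc_voicedata message and copy its
 * payload into out (capacity MAX_VOICE_LEN). The 16-bit length is read
 * little-endian, which is an assumption. Every failure is a status the
 * caller can use to drop that client's packet; nothing here aborts. */
static voice_status parse_voicedata(const uint8_t *msg, size_t msg_len,
                                    uint8_t *out, size_t *out_len)
{
    *out_len = 0;
    if (msg_len < 1 || msg[0] != CLC_VOICEDATA)
        return VOICE_NOT_VOICE;
    if (msg_len < 3)
        return VOICE_TRUNCATED;          /* no room for the length field */

    size_t claimed = (size_t)msg[1] | ((size_t)msg[2] << 8);
    if (claimed > MAX_VOICE_LEN)
        return VOICE_TOO_LONG;           /* would overrun the voice buffer */
    if (claimed > msg_len - 3)
        return VOICE_TRUNCATED;          /* claims more than was received */

    memcpy(out, msg + 3, claimed);
    *out_len = claimed;
    return VOICE_OK;
}

/* Decoded message quoted in the post, then two constructed samples. */
static const uint8_t decoded_from_post[] = {0x08,0x44,0x44,0x44,0x44,0x44,0x44,0x44};
static const uint8_t well_formed[]       = {0x08,0x03,0x00,0xAA,0xBB,0xCC};
static const uint8_t short_payload[]     = {0x08,0x10,0x00,0xAA};

int main(void)
{
    uint8_t out[MAX_VOICE_LEN];
    size_t n;
    printf("post=%d\n", (int)parse_voicedata(decoded_from_post, sizeof decoded_from_post, out, &n));
    printf("ok=%d\n", (int)parse_voicedata(well_formed, sizeof well_formed, out, &n));
    printf("short=%d\n", (int)parse_voicedata(short_payload, sizeof short_payload, out, &n));
    return 0;
}
```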

