Exploit causes client crashes

Question

Exploit causes client crashes

Closed this issue 2 years ago · 5 comments

Hello,

Someone joined my server and entered this into the chat, which caused all clients to disconnect and they were unable to reconnect until the server was restarted.

<font=BigChatText>: <translate=rand(-500,500), rand(-500,500)>JEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISHJEWISH

Answer 1 · 2022-07-31T09:37:03.000Z

As bad as it looks like:

I was unable to reproduce a crash of any sort, tried in p2p, sp and on a server with a lot of content and other players. Most likely a side-effect of this is more likely to have crashed your players, e.g not enough RAM, some ill-fated condition in the source engine etc...

Answer 2 · 2022-07-31T15:12:30.000Z

Some additional context from the same server when this happened from our discord chatsync.

Users tried rejoining after and got a similar disconnect message. We had to restart before anyone could reconnect. For some reason the user who sent the message wasn't disconnected. I suspect it might not be related to EasyChat, maybe P2M? but there's not a lot to go off of. Checked the server log and didn't see any errors at the time or other suspicious behavior.

Answer 3 · 2022-07-31T18:31:24.000Z

@mrlazorz I feel it might be whatever your discord addon is doing. Usually when you get the buffer overflown like that it means the server or the client has been spamming net messages on the reliable channel. So do check if the discord addon is not doing some kind of loop in sending network messages, or any other addon that you may have.

I can't do anything on my side about this unfortunately.

Answer 4 · 2022-08-04T10:40:43.000Z

Closing this as the issue is not on ECs side.

Answer 5 · 2022-11-20T16:47:28.000Z

Hi, to follow this up (even after it's closed), we did discover an OnPlayerChat hook from a different add-on returning true for all chat messages, which was of course interfering with EasyChat's OnPlayerChat hooks by prematurely suppressing the messages. Had to really dig for that one, it wasn't too obvious. Apologies!