ASk
Posted April 12, 2005

There's a buffer overflow in G_Printf [local buffer of 1024 bytes, which can be overflowed] that allows a person to execute arbitrary shellcode, and/or crash the server.

Exploitable by any person connected to a server and having access to /say or /tell.

Perhaps that should be fixed.

Tinny
Posted April 12, 2005

I think Slider has an external patch of this or something in his newest release of JA+.

stubert
Posted April 24, 2005

Are you really worried about the JK gaming community knowing what an exploit is?

Wudan
Posted May 5, 2005

It's not the people who don't know what an exploit is he's worried about, it's the people who do. This is a significant problem, and there are more than enough Linux hosts who should be worried about this.

ensiform
Posted May 21, 2005

For g_syscalls.c

    void trap_SendServerCommand( int clientNum, const char *text ) {
        // CHRUKER: b001 - Oversize server commands
        // rain - hack - commands over 1022 chars will crash the
        // client upon receipt, so ignore them
        if( strlen( text ) > 1022 ) {
            G_LogPrintf( "trap_SendServerCommand( %d, ... ) length exceeds 1022.\n", clientNum );
            G_LogPrintf( "text [%s]\n", text );
            // -- reyalP G_LogPrintf is limited to 1024, so the above will be truncated and
            // next log message will be on the same line
            G_LogPrintf( "]... truncated\n", text );
            return;
        }
        syscall( G_SEND_SERVER_COMMAND, clientNum, text );
    }
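
Added example, not part of any post in this thread and not taken from the game's source: a bounded version of a printf-style helper that formats into a 1024-byte local buffer, the size quoted in the first post. The names bounded_printf, last_out and print_chat_line are hypothetical, and the chat lines are constructed test input.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define PRINT_BUF 1024            /* local buffer size quoted in the thread */

static char last_out[PRINT_BUF];  /* hypothetical sink standing in for the engine's print call */

/* Unbounded pattern, shown only as a comment for contrast:
 *     char text[PRINT_BUF];
 *     vsprintf(text, fmt, ap);   -- writes past text[] once the output exceeds 1023 chars
 */

/* Bounded form. Returns 0 if the output fit, 1 if it was truncated, -1 on a format error. */
int bounded_printf(const char *fmt, ...)
{
    char text[PRINT_BUF];
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(text, sizeof text, fmt, ap);  /* never writes more than sizeof text bytes */
    va_end(ap);
    if (n < 0)
        return -1;
    strcpy(last_out, text);       /* safe: text is NUL-terminated and at most 1023 chars */
    return n >= (int)sizeof text; /* n is the length the full output would have had */
}

size_t last_output_len(void) { return strlen(last_out); }

/* Constructed input: a chat line made of `len` 'A' characters. */
int print_chat_line(size_t len)
{
    static char msg[4096];
    if (len >= sizeof msg)
        len = sizeof msg - 1;
    memset(msg, 'A', len);
    msg[len] = '\0';
    /* Player text is passed as an argument, never as the format string. */
    return bounded_printf("say: %s\n", msg);
}

int main(void)
{
    int truncated = print_chat_line(2000);
    printf("2000-char line truncated? %d (stored %zu bytes)\n", truncated, last_output_len());
    return 0;
}
```

The return value lets the caller log or drop an oversized message instead of silently emitting a cut-off line, which complements a length guard at the command-sending layer like the one posted above.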