About VERGE


 
SocketGetString badness
Displaying 1-8 of 8 total.
1
Please enter a numerical value for the importance of this sticky.
Enter 0 to unsticky.
Overkill
If a client sends a server a string that isn't to Verge's liking (ie. isn't verge formatted) it'll crash the server hard. It exits with:


Exiting: SocketGetString() - packet being received is not a string


So if you send plain text strings, with no special characters for verge, it'll bring it down. So... Just thought I'd let you know since it could be a problem if someone abuses this when connecting to Verge servers.

Posted on 2005-07-27 18:35:43

Overkill
It also seems sometimes SocketSendString() isn't sending valid string packets to be parsed by SocketGetString(). So, a Verge-built client crash a Verge-built server. It's kind of bad, since the server may not always be able to give clients the assumed signal that the server has downed. I dunno, but could someone look into this?

Posted on 2005-08-03 09:51:48

Jesse
If you have some sample code that will cause this to happen, that would be useful.

The receiver is supposed to exit if the wrong kind of data is coming through; I'm not sure that's a good idea, but it's intentional. If it's mis-reading strings, though, that's bad.

Posted on 2005-08-03 12:20:28

Overkill
I'd much rather it disconnect the person sending invalid queries to the server.

Posted on 2005-08-06 17:08:01

Jesse
That's fine, but what happens on the server end?

Posted on 2005-08-07 09:10:41

vecna
Oh yeah, i see what you're saying now finally. You could connect to a verge server and send it bad data and the server would terminate. So.. yeah, upon READING bad data, it should probably drop and return '' or something.

Not sure if it should put something in the log or not. Without logging it would be confusing. With the logging, you could still spam a server and slow it down bad. But I guess thats pretty much inevitable, really. You can DoS anything.

Posted on 2005-08-11 19:46:40

Jesse
The problem is that '' is a valid return value - how can we distinguish between an error '' and a sent ''? SocketError() or maybe just SocketConnected()?

Posted on 2005-08-11 23:57:32

Jesse
I don't see anything in the code that obviously could cause this. Do you have a testcase?

Posted on 2005-10-19 18:35:12


Displaying 1-8 of 8 total.
1
 
Newest messages
I Like Ham.
in Castle Heck
(by ThinIce on 2018-08-17)
Steamworks Integration
in VERGE Developers Forum
(by Eldritch05 on 2018-08-16)
Entity Issues
in VERGE Help
(by Rysen on 2018-06-05)
Epic of Serinor: Dawnshadow
in General Discussion
(by Rysen on 2018-05-13)

Ben McGraw's lovingly crafted this website from scratch for years.
It's a lot prettier this go around because of Jon Wofford.
Verge-rpg.com is a member of the lunarnet irc network, and would like to take this opportunity to remind you that regardless how babies taste, it is wrong to eat them.