[mohaa] MOHAA linux server with potential exploit fix.

Ryan C. Gordon icculus at clutteredmind.org
Thu Jul 22 11:57:24 EDT 2004


Steven Hartland wrote:
> Does this also include the other crash fix?
> I've lost my link to the details but the diff shows:
> [diff]
> diff -a fgameded.so fgameded.so.orig
> 5793c5793
> < Bad hash code value: %scurrent thread is NULLNULL_Legs.st_Torso.stPAINxnnlontznlod_yawlod_pitchlod_rolllod_angleslod_discardMust
> specify a model namelod_tikiname1dtizlqpsError in model '%s', LOD model not spawned.cg_drawviewmodel 0
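
Review bot: at 5793c5793 the only visible difference sits inside a run of strings, where "xnnlontzn" appears directly before lod_yaw, lod_pitch and lod_roll, so this looks like a rename of one lod_ command name rather than a removal or a check on the command. The replacement is readable by anyone who dumps the strings of the patched file, so a check in the command handler would be a sturdier fix than a rename. The excerpt also shows only the `<` side of the change, so the original bytes at that position cannot be confirmed from what is quoted here.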

Oh, right. The UBoat spawn hack. I forgot about that. Here's what's 
going on with that:

There are some console commands that remote, non-admin clients can 
execute on the server. "lod_spawn" is one of them. You can use it to, 
say, create a submarine in the middle of the map, which causes all sorts 
of havoc for various reasons. Technical reasons aside, there's a damned 
boat in the middle of the map.  :)

There wasn't ever a real fix for MOHAA, so people just patched the 
binary and scrambled the "lod_spawn" string, so if someone tried to use 
it, the command just wouldn't be found ("lod_spawn? What's THAT?!").

The problem is that everyone scrambled it in the same way from one 
universal binary patch. So someone out there could be smart enough to 
type in "xnnlontzn" instead of "lod_spawn" and get the same result, so 
this is really a non-fix unless you go in and scramble those bytes in a 
way unique to your server. Alternately, writing a null char to the start 
of the string might "fix" it too, but I'm not certain, since then there 
isn't a valid console command that matches.

All that rambling aside, Spearhead has a legitimate fix for this which I 
just backported into MOHAA (build with this fix in a moment). Basically 
it checks if the game is running in single-player mode before allowing 
certain commands (such as lod_spawn and lod_tool) to execute...therefore 
the dedicated server will drop these commands from remote players and 
life goes on as normal.

--ryan.
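
The single-player check described in the message above, sketched as an added example (not code from the post, from MOHAA or from Spearhead). The command table, the `CMD_SINGLEPLAYER_ONLY` flag and `dispatch_client_command` are hypothetical names; only `lod_spawn` and `lod_tool` come from the post.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical flag: command may only run in a local single-player game. */
#define CMD_SINGLEPLAYER_ONLY 0x1u

typedef void (*cmd_fn)(void);

struct command {
    const char *name;
    unsigned    flags;
    cmd_fn      handler;
};

static int spawn_count;                 /* observable side effect of lod_spawn */
static void cmd_lod_spawn(void) { spawn_count++; }
static void cmd_lod_tool(void)  { }
static void cmd_say(void)       { }

/* Constructed table; "say" stands in for any ordinary client command. */
static const struct command commands[] = {
    { "lod_spawn", CMD_SINGLEPLAYER_ONLY, cmd_lod_spawn },
    { "lod_tool",  CMD_SINGLEPLAYER_ONLY, cmd_lod_tool  },
    { "say",       0u,                    cmd_say       },
};

enum dispatch_result { CMD_RAN, CMD_DROPPED, CMD_UNKNOWN };

/*
 * The gate is attached to the table entry, not to the spelling of the name,
 * so it still holds if the name string is changed in the binary.
 */
enum dispatch_result dispatch_client_command(const char *name, bool single_player)
{
    for (size_t i = 0; i < sizeof commands / sizeof commands[0]; i++) {
        if (strcmp(commands[i].name, name) != 0)
            continue;
        if ((commands[i].flags & CMD_SINGLEPLAYER_ONLY) && !single_player)
            return CMD_DROPPED;         /* dedicated server: drop it */
        commands[i].handler();
        return CMD_RAN;
    }
    return CMD_UNKNOWN;
}
```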



