[quake3-commits] r2289 - trunk/code/server

DONOTREPLY at icculus.org DONOTREPLY at icculus.org
Sun Jul 1 10:18:31 EDT 2012


Author: thilo
Date: 2012-07-01 10:18:31 -0400 (Sun, 01 Jul 2012)
New Revision: 2289

Modified:
   trunk/code/server/sv_main.c
Log:
prevent using getinfo as an amplifier for DDOS attacks (#5678). Patch by DevHC


Modified: trunk/code/server/sv_main.c
===================================================================
--- trunk/code/server/sv_main.c	2012-06-29 18:35:55 UTC (rev 2288)
+++ trunk/code/server/sv_main.c	2012-07-01 14:18:31 UTC (rev 2289)
@@ -377,6 +377,7 @@
 
 static leakyBucket_t buckets[ MAX_BUCKETS ];
 static leakyBucket_t *bucketHashes[ MAX_HASHES ];
+static leakyBucket_t outboundLeakyBucket;
 
 /*
 ================
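Review bot: `outboundLeakyBucket` is declared without a comment although it is now shared state: the later hunks pass it to `SVC_RateLimit( &outboundLeakyBucket, 10, 100 )` from both SVC_Status and SVC_Info. A flood of either query therefore exhausts the reply budget for both, while the comment at each call site names only its own command. I would add above the declaration: `// Global outbound reply budget shared by getstatus and getinfo; flooding either query throttles both`.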
@@ -549,7 +550,6 @@
 	int		statusLength;
 	int		playerLength;
 	char	infostring[MAX_INFO_STRING];
-	static leakyBucket_t bucket;
 
 	// ignore if we are in single player
 	if ( Cvar_VariableValue( "g_gametype" ) == GT_SINGLE_PLAYER ) {
@@ -565,7 +565,7 @@
 
 	// Allow getstatus to be DoSed relatively easily, but prevent
 	// excess outbound bandwidth usage when being flooded inbound
-	if ( SVC_RateLimit( &bucket, 10, 100 ) ) {
+	if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
 		Com_DPrintf( "SVC_Status: rate limit exceeded, dropping request\n" );
 		return;
 	}
@@ -615,6 +615,20 @@
 		return;
 	}
 
+	// Prevent using getinfo as an amplifier
+	if ( SVC_RateLimitAddress( from, 10, 1000 ) ) {
+		Com_DPrintf( "SVC_Info: rate limit from %s exceeded, dropping request\n",
+			NET_AdrToString( from ) );
+		return;
+	}
+
+	// Allow getinfo to be DoSed relatively easily, but prevent
+	// excess outbound bandwidth usage when being flooded inbound
+	if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
+		Com_DPrintf( "SVC_Info: rate limit exceeded, dropping request\n" );
+		return;
+	}
+
 	/*
 	 * Check whether Cmd_Argv(1) has a sane length. This was not done in the original Quake3 version which led
 	 * to the Infostring bug discovered by Luigi Auriemma. See http://aluigi.altervista.org/ for the advisory.
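Review bot: The burst and period literals in the two added checks (`10, 1000` per address, `10, 100` global) are bare numbers, and the global pair repeats the values at the SVC_Status call in the earlier hunk with nothing tying them together. Both handlers draw on the same `outboundLeakyBucket`, so tuning only one call later would apparently leave the shared bucket evaluated with two different periods. Named constants used at both calls would keep them in step, for example `#define SVC_OUTBOUND_BURST 10` and `#define SVC_OUTBOUND_PERIOD 100` (names are illustrative). The enclosing function starts before this hunk and continues past it.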


