[cod] forget about IW2 and get back to work :)

pet games at maxrate.pl
Tue Oct 20 03:29:36 EDT 2009


I have to find some solution, most of my customers order 1.0 version, is 
very popular.


escapedturkey pisze:
> People run 1.0 to support pirated clients. Is this not true? If so, 
> well, our supporting and helping them gives IW justification for 
> dumping dedicated server support.
>
> pet wrote:
>> So :) I have some little problem, which is probably well known:
>>
>> ERROR: Attempted to overrun string in call to va()
>>
>> yep, somebody has messed up on my cod 2 1.0 server
>>
>>
>>
>> "va() is a function of the Quake 3 engine used to quickly build strings
>> using snprintf and a static destination buffer.
>> Read more on: : i3D.net Game Forums 
>> http://forum.i3d.net/call-duty-series-newsletter/48158-cod-cod-ww-1024-bytes-command-exploit.html 
>>
>> If the generated string is longer than the available buffer the server
>> shows an "Attempted to overrun string in call to va()" error and
>> terminates.
>>  From Call of Duty 2 (and consequently) the size of this buffer has
>> been reduced from the original 32000 bytes to only 1024 causing many
>> problems to the admins.
>>
>> So in CoD5 an attacker which has joined the server can exploit this
>> vulnerability through the sending of a command longer than 1024 bytes
>> causing the immediate termination of the server."
>>
>> I try it, and it works. I you send this command to the server, it 
>> will crash:
>>
>> cmd aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 
>> aaaaaaaaaaaaaaaaaaaaaaaa
>>
>>
>> so
>>
>> any solution ?
>>
>>
>> any help will be appreciated.
>>
>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>



More information about the cod mailing list