fix for server join-request flood attack

efroemling · Oct 27, 2023 · 03675a2 · 03675a2
1 parent f31087d
commit 03675a2
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 26 deletions.
diff --git a/.efrocachemap b/.efrocachemap
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,4 @@
-### 1.7.28 (build 21524, api 8, 2023-10-27)
+### 1.7.28 (build 21525, api 8, 2023-10-27)
 
 - Massively cleaned up code related to rendering and window systems (OpenGL,
   SDL, etc). This code had been growing into a nasty tangle for 15 years
@@ -174,6 +174,8 @@
   leave to prevent game exploits. Note this is different than the existing
   system that prevents joining a *party* for 10 seconds; this covers people
   who never leave the party (Thanks EraOSBeta!).
+- Fixes an issue where servers could be crashed by flooding them with join
+  requests (Thanks for the heads-up Era!).
 
 ### 1.7.27 (build 21282, api 8, 2023-08-30)
 

diff --git a/src/assets/ba_data/python/baenv.py b/src/assets/ba_data/python/baenv.py
@@ -52,7 +52,7 @@
 
 # Build number and version of the ballistica binary we expect to be
 # using.
-TARGET_BALLISTICA_BUILD = 21524
+TARGET_BALLISTICA_BUILD = 21525
 TARGET_BALLISTICA_VERSION = '1.7.28'
 
 

diff --git a/src/ballistica/scene_v1/support/client_input_device_delegate.cc b/src/ballistica/scene_v1/support/client_input_device_delegate.cc
@@ -29,8 +29,14 @@ void ClientInputDeviceDelegate::AttachToLocalPlayer(Player* player) {
     }
 
     // We also need to send an old-style message as a fallback.
+    //
     // FIXME: Can remove this once backwards-compat-protocol is > 29.
-    {
+    //
+    // UPDATE: Only send this if player id fits. This could cause problems
+    //   for older clients in very rare cases, but the only alternative is
+    //   to not support those clients. I doubt there are many such old
+    //   clients out there anyway.
+    if (player->id() < 256) {
       std::vector<uint8_t> data(3);
       data[0] = BA_MESSAGE_ATTACH_REMOTE_PLAYER;
       data[1] = static_cast_check_fit<uint8_t>(remote_device_id_);

diff --git a/src/ballistica/scene_v1/support/scene_v1_input_device_delegate.cc b/src/ballistica/scene_v1/support/scene_v1_input_device_delegate.cc
@@ -73,8 +73,8 @@ void SceneV1InputDeviceDelegate::RequestPlayer() {
     return;
   }
 
-  // If we have a local host-session, ask it for a player.. otherwise if we have
-  // a client-session, ask it for a player.
+  // If we have a local host-session, ask it for a player.. otherwise if we
+  // have a client-session, ask it for a player.
   assert(g_base->logic);
   if (auto* hs = dynamic_cast<HostSession*>(appmode->GetForegroundSession())) {
     {

diff --git a/src/ballistica/shared/ballistica.cc b/src/ballistica/shared/ballistica.cc
@@ -39,7 +39,7 @@ auto main(int argc, char** argv) -> int {
 namespace ballistica {
 
 // These are set automatically via script; don't modify them here.
-const int kEngineBuildNumber = 21524;
+const int kEngineBuildNumber = 21525;
 const char* kEngineVersion = "1.7.28";
 const int kEngineApiVersion = 8;