Browse Source

engine: fixed vulnerability in NAT bypass mechanism

pull/2/head
SNMetamorph 2 years ago committed by Alibek Omarov
parent
commit
a5ba43ea39
  1. 6
      engine/server/sv_client.c

6
engine/server/sv_client.c

@ -2267,12 +2267,16 @@ void SV_ConnectionlessPacket( netadr_t from, sizebuf_t *msg )
else if( !Q_strcmp( pcmd, "T" "Source" )) SV_TSourceEngineQuery( from ); else if( !Q_strcmp( pcmd, "T" "Source" )) SV_TSourceEngineQuery( from );
else if( !Q_strcmp( pcmd, "i" )) NET_SendPacket( NS_SERVER, 5, "\xFF\xFF\xFF\xFFj", from ); // A2A_PING else if( !Q_strcmp( pcmd, "i" )) NET_SendPacket( NS_SERVER, 5, "\xFF\xFF\xFF\xFFj", from ); // A2A_PING
else if (!Q_strcmp( pcmd, "c" )) else if (!Q_strcmp( pcmd, "c" ))
{
qboolean sv_nat = Cvar_VariableInteger( "sv_nat" );
if( sv_nat )
{ {
netadr_t to; netadr_t to;
if( NET_StringToAdr( Cmd_Argv( 1 ), &to )) if( NET_StringToAdr( Cmd_Argv( 1 ), &to ) && !NET_IsReservedAdr( to ))
SV_Info( to ); SV_Info( to );
} }
}
else if( svgame.dllFuncs.pfnConnectionlessPacket( &from, args, buf, &len )) else if( svgame.dllFuncs.pfnConnectionlessPacket( &from, args, buf, &len ))
{ {
// user out of band message (must be handled in CL_ConnectionlessPacket) // user out of band message (must be handled in CL_ConnectionlessPacket)

Loading…
Cancel
Save