mirror of
https://github.com/UberGames/lilium-voyager.git
synced 2025-01-18 13:41:37 +00:00
prevent using getinfo as an amplifier for DDOS attacks (#5678). Patch by DevHC
This commit is contained in:
parent
b340c9d835
commit
a3c7003d9c
1 changed files with 16 additions and 2 deletions
|
@ -377,6 +377,7 @@ struct leakyBucket_s {
|
|||
|
||||
static leakyBucket_t buckets[ MAX_BUCKETS ];
|
||||
static leakyBucket_t *bucketHashes[ MAX_HASHES ];
|
||||
static leakyBucket_t outboundLeakyBucket;
|
||||
|
||||
/*
|
||||
================
|
||||
|
@ -549,7 +550,6 @@ static void SVC_Status( netadr_t from ) {
|
|||
int statusLength;
|
||||
int playerLength;
|
||||
char infostring[MAX_INFO_STRING];
|
||||
static leakyBucket_t bucket;
|
||||
|
||||
// ignore if we are in single player
|
||||
if ( Cvar_VariableValue( "g_gametype" ) == GT_SINGLE_PLAYER ) {
|
||||
|
@ -565,7 +565,7 @@ static void SVC_Status( netadr_t from ) {
|
|||
|
||||
// Allow getstatus to be DoSed relatively easily, but prevent
|
||||
// excess outbound bandwidth usage when being flooded inbound
|
||||
if ( SVC_RateLimit( &bucket, 10, 100 ) ) {
|
||||
if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
|
||||
Com_DPrintf( "SVC_Status: rate limit exceeded, dropping request\n" );
|
||||
return;
|
||||
}
|
||||
|
@ -615,6 +615,20 @@ void SVC_Info( netadr_t from ) {
|
|||
return;
|
||||
}
|
||||
|
||||
// Prevent using getinfo as an amplifier
|
||||
if ( SVC_RateLimitAddress( from, 10, 1000 ) ) {
|
||||
Com_DPrintf( "SVC_Info: rate limit from %s exceeded, dropping request\n",
|
||||
NET_AdrToString( from ) );
|
||||
return;
|
||||
}
|
||||
|
||||
// Allow getinfo to be DoSed relatively easily, but prevent
|
||||
// excess outbound bandwidth usage when being flooded inbound
|
||||
if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
|
||||
Com_DPrintf( "SVC_Info: rate limit exceeded, dropping request\n" );
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* Check whether Cmd_Argv(1) has a sane length. This was not done in the original Quake3 version which led
|
||||
* to the Infostring bug discovered by Luigi Auriemma. See http://aluigi.altervista.org/ for the advisory.
|
||||
|
|
Loading…
Reference in a new issue