>From a cursory look, hooking CBaseClient::ProcessSetConVar( NET_SetConVar *msg ) and rejecting everything but what a legitimate client sends should fix the underlying issue (a client can fill their m_ConVars up with as much data as they can send to the server, until it runs out of memory and dies)
On Sat, Mar 19, 2016 at 1:48 PM, ics <[email protected]> wrote: > Sounds like an old exploit that has resurfaced. > > -ics > > balon kirjoitti: >> >> Our community can also confirm that we are being flooded as well. >> >> Reference post: https://forums.alliedmods.net/showthread.php?t=280545 >> >> NeutroToxin said: >> "So apparently... >> >> The exploit runs @ 1ms. >> >> And calls client side: setinfo x x >> >> Where x is in a for loop >> >> Sounds like the command executing client side is: >> >> setinfo 1 1 >> setinfo 2 2 >> setinfo 3 3 ... ect" >> > > > _______________________________________________ > Csgo_servers mailing list > [email protected] > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers _______________________________________________ Csgo_servers mailing list [email protected] https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
