[hlds_linux] Latest release = instant crash on jointeam
Here's the console output, after joining the server, joining a team, and choosing a class. As soon as setup hits, the server crashes. $ uname -a Linux solas 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:50:42 UTC 2011 i686 i686 i386 GNU/Linux console output as follows: Bad pstudiohdr in GetSequenceLinearMotion()! 495/ - tf_wearable: UTIL_SetModel: not precached: models/player/items/all_class/dex_glasses_engineer.mdl 495/ - tf_wearable: UTIL_SetModel: not precached: models/player/items/all_class/dex_glasses_engineer.mdl PreMinidumpCallback: updating dump comment Uploading dump (in-process) [proxy ''] /tmp/dumps/crash_20111018194502_1.dmp success = yes response: CrashID=bp-1886e083-075e-46d9-ba84-65bec2111018 BFD: Warning: /srv/game/tf2/gameserver/orangebox/core is truncated: expected core file size >= 525611008, found: 2633728. warning: exec file is newer than core file. Failed to read a valid object file image from memory. Cannot access memory at address 0xd1baf0 debug.cmds:5: Error in sourced command file: No function contains program counter for selected frame. email debug.log to li...@valvesoftware.com debug.log as follows: -- CRASH: Tue Oct 18 19:50:19 CDT 2011 Start Line: ./srcds_linux -game tf -autoupdate -tickrate 66 +map cp_gravelpit +maxplayers 24 +ip * -threads 3 -pidfile /srv/game/srcds.pid +rcon_password -$ [New LWP 16770] [New LWP 16776] [New LWP 16775] [New LWP 16786] [New LWP 17642] [New LWP 27756] [New LWP 16772] [New LWP 16771] [New LWP 16774] [New LWP 16773] Core was generated by `./srcds_linux -game tf -autoupdate -tickrate 66 +map cp_gravelpit +maxplayers 2'. Program terminated with signal 11, Segmentation fault. #0 0x00932d99 in ?? () #0 0x00932d99 in ?? () No symbol table info available. eax0x1 1 ecx0x5 5 edx0xd1dc30 13753392 ebx0x6c4008 7094280 esp0xd1baf0 0xd1baf0 ebp0xd1db68 0xd1db68 esi0xd1de81 13753985 edi0x98ce0e 10014222 eip0x932d99 0x932d99 eflags 0x10206 [ PF IF RF ] cs 0x73 115 ss 0x7b 123 ds 0x7b 123 es 0x7b 123 fs 0x0 0 gs 0x33 51 No shared libraries loaded at this time. End of Source crash report -- Care to try again? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] hlds_linux Digest, Vol 47, Issue 30
I'm going to be brutally honest. This code is not suitable for public use, at all. First file I opened, first lines I read are a massive red flag. see: https://github.com/Snelvuur/SSMS/blob/master/addserver.php lines 15-23. Data is being taken from the $_POST superglobal and inserted into serveral variables Scroll down to about line 74. These previously referenced variables are being inserted directly into a mysql_query unsanitized. see: https://github.com/Snelvuur/SSMS/blob/master/rcon.php#L47 Data directly from $_GET is being used directly in a query, once again unsanitized. Plus, there's zero authentication in place for the "rcon.php" page itself, so virtually anyone can just waltz right in and start firing off RCON commands to the server, no matter who it is. Don't assume that "nobody can see the site, it's safe" - google has a way of finding these things, and script kiddies have their own way of following google in as well. You have multiple SQL injections throughout the code, and I only opened three files to look. XSS looks prevalent throughout, CSRF is easily possible, and at this rate I'm betting there's going to be a shell_exec() or an eval() vuln as well somewhere. http://lmgtfy.com/?q=mysql+sanitize+inputs+php ^ Start reading. To those who've installed this application, remove it *immediately*. > Message: 4 > Date: Sat, 14 Jan 2012 12:38:02 +0100 > From: "Eric Riemers" > To: "'Half-Life dedicated Linux server mailing list'" > > Subject: [hlds_linux] new tool for management > Message-ID: <004901ccd2b0$fa179bb0$ee46d310$@binkey.nl> > Content-Type: text/plain; charset="us-ascii" > > All, > > My contribution to management and automatic updates. I hope people find it > usefull. > https://forums.alliedmods.net/showpost.php?p=1623326&postcount=1 > > Erik > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] hlds_linux Digest, Vol 47, Issue 30
Okay then, feel free to install it. Be sure to drop by on 4chan and leave them a link to your installations, too. I'm sure they'd appreciate a the donation of zombie systems with an ignorant admins to exploit and infect. :) Also to Eric, change your MySQL user/password now and get the username/password/database connection information out of status.php ASAP. You left that stuff in and committed it. Github's got a guide on removing sensitive data from repos here: http://help.github.com/remove-sensitive-data/ > Re: [hlds_linux] hlds_linux Digest, Vol 47, Issue 30 > Phil Tann > Sat, 14 Jan 2012 13:16:45 -0800 > > So we can expect your alternative option to be posted on allied mods when? > > PryMaL > pry...@geekout.info > *Sent from my Android* ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] hlds_linux Digest, Vol 42, Issue 64
> > 1) > > Have something that popped up in steamclient.so > > $ ldd dedicated.so > linux-gate.so.1 => (0x00af5000) > libsteam_api.so => not found > libtier0.so => not found > libvstdlib.so => not found > libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00c46000) > libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00211000) > libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x006eb000) > /lib/ld-linux.so.2 (0x00b48000) > libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00725000) > > $ ldd steamclient.so > ./steamclient.so: /usr/lib/libstdc++.so.6: version `GLIBCXX_3.4.14' not > found (required by ./steamclient.so) > linux-gate.so.1 => (0x002f4000) > libtier0_s.so => not found > libvstdlib_s.so => not found > libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x0011) > libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00136000) > libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x0013a000) > libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x0023) > /lib/ld-linux.so.2 (0x0074e000) > libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00333000) > libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00249000) > > 2) > > $ ls | grep libstdc++.so.6 > libstdc++.so.6 > ^ Apparently so > > 3) > > Ubuntu 10.04.3 LTS, 32 bit > > $ uname -a > Linux solas 2.6.38-10-generic #46~lucid1-Ubuntu SMP Wed Jul 6 18:40:11 UTC > 2011 i686 GNU/Linux > > Message: 5 > Date: Mon, 15 Aug 2011 22:38:15 + > From: Fletcher Dunn > To: Half-Life dedicated Linux server mailing list > > Subject: [hlds_linux] Server not starting? > Message-ID: >< > 15cb9173c78d1b4a97b0715577295eb0b5a70...@exchange10.valvesoftware.com> > > Content-Type: text/plain; charset="us-ascii" > > The new steamworks SDK was compiler with a newer compiler, which requires a > newer version of the stand C lib than many distributions come with. We > included this lib in the update, but apparently that isn't working for > everybody. This new dependency was the cause of the delay last week. > > > Linux users, please reply with this info: > > > > 1.) From the bin folder, send me the output of the following command: > > > > ldd dedicated.so > > ldd steamclient.so > > > > 2.) Confirm that you have a libstdc++.so.6 in your folder? > > > > 3.) What distribution are you using? > > > > We believe that the SteamWorks integration is also the cause of the client > crashes, and are hoping to have that resolved within the hour. > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] [hlds] TF2 crashes fixed
Just found this in my logs, it popped up during a scheduled server shutdown/restart. ipcserver.cpp (956) : Assertion Failed: FD_ISSET( fd, (fd_set *)m_pfdset ) /home/VALVE/rackadmin/buildslave/steam_rel_client_linux/build/src/clientdll/../common/ipcserver.cpp 956 Assertion Failed: FD_ISSET( fd, (fd_set *)m_pfdset ) I have no /home/VALVE/ directory, for the record. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux