Still having this problem, and it seems that several other people are as
well. When a fork crashes, its process becomes defunct and the only way
I've found to fix this problem is to restart srcds. There's no debug
log or core file generated when the crash happens as far as I can tell.
I
A friend forwarded me this info regarding a vulnerability. I am unable to
test this at the moment, but it does look like it is possible. Thought I
would get this out to the community before others start using this to cause
havoc.
http://www.vupen.com/english/advisories/2009/2296
I have reported this right after the last update two weeks ago.
Unfortunatly, I was the only one with this problem, so Valve decided to do
nothing.
Still having this problem, and it seems that several other people are as
well. When a fork crashes, its process becomes defunct and the only
I too had forks crashing, after i updated sourcemod and sourcebans and
those kinds of things i didn't had any issues anymore..
On Tue, 18 Aug 2009 18:50:34 +0200, Ronny Schedel i...@ronny-schedel.de
wrote:
I have reported this right after the last update two weeks ago.
Unfortunatly, I was the
The crashes occur on a vanilla server.
I too had forks crashing, after i updated sourcemod and sourcebans and
those kinds of things i didn't had any issues anymore..
On Tue, 18 Aug 2009 18:50:34 +0200, Ronny Schedel
i...@ronny-schedel.de
wrote:
I have reported this right after the last
Thanks, anyone knows if a workaround is available?
BTW: aren't security researchers supposed to contact the developers before
releasing 0-day exploits?This is the 2nd 0-day exploy from aluigi in a few
weeks -.-
On Tue, Aug 18, 2009 at 6:44 PM, Morgan Humes mrh9...@lanaddict.com wrote:
A
Sorry, but this must be corrected ;)
-Valve should start coding c++ with steams ;)
+Valve should start coding c++ with streams ;)
Best regards,
Stefan Popp
Stefan Popp schrieb:
Well,
Valve should start coding c++ with steams ;)
Who works with printfs today?
I hope Valve will fix the whole
You'd wish you never bought any Valve games the day this happens.
Stefan Popp wrote:
Sorry, but this must be corrected ;)
-Valve should start coding c++ with steams ;)
+Valve should start coding c++ with streams ;)
Best regards,
Stefan Popp
Stefan Popp schrieb:
Well,
Valve should
The problem is not the programming language, the problem is that Valve trust
their game clients too much.
Well,
Valve should start coding c++ with steams ;)
Who works with printfs today?
I hope Valve will fix the whole source to prevent overflows.
C++ is you friend, not old C stuff...
After i change the map it usually crash my tf2 server.
I did not update yet because i must wait for my gsp to do it.
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
The wish is currently present ;)
Due a lot of stuff valve didnt managed the right way ;)
1. bad code and many ways to crash servers from client side
2. changing engine stuff without telling plugin developer about changes
or any new sdk's
3. no statements about this and a lot of other points ;)
Thats not right ;)
The programming language is the problem in this case. Why should i write
my code with functions that shouldnt be used with C++?
C++ works with the stdlib, which means streams. Not C stuff. So its
finally up to Valve to write programs which follows C++ standards not C.
You
Yes, typically the company is contacted before exploits are released...
In Valve's case though, they are so unwilling to fix anything the
exploits end up being released without a fix.
___
To unsubscribe, edit your list preferences, or view the list
If you are seeing this, it's directly related to a new srcds exploit.
More info on it at http://aluigi.altervista.org/adv/sourcenotvnull-adv.txt
The workaround for this is actually quite trivial. Add tv_enable 1 to
cfg/autoexec.cfg, and (optionally) tv_enable 0 to server.cfg (You only
need
Imo VALVe is still the only one who cares and interacts so much with their
community. Yes they have their flaws, and they can be ugly at times, but hey,
what other dev mails you straight away when you report a bug to resolve it? So
far this only happends to me with VALVe. From other devs u
This 'C stuff' is actually part of the C++ standard library. Also using
streams here would be like trying to eat spaghetti with a single stick
... some will do it, others stick to the fork.
Stefan Popp wrote:
Thats not right ;)
The programming language is the problem in this case. Why
It's not forbidden to mix diffent programming languages, I am sure they also
use Assembler codes. The problem can also occur in C++, because they trust
the client that it sends a valid string, but it can send anything.
Thats not right ;)
The programming language is the problem in this
On 18.08.2009 23:19, Brian Rak wrote:
If you are seeing this, it's directly related to a new srcds exploit.
More info on it at http://aluigi.altervista.org/adv/sourcenotvnull-adv.txt
The workaround for this is actually quite trivial. Add tv_enable 1 to
cfg/autoexec.cfg, and (optionally)
because we want to avoid leaving the TV structure uninitialized
On Tue, Aug 18, 2009 at 9:41 PM, Nikolay Shopik sho...@inblock.ru wrote:
On 18.08.2009 23:19, Brian Rak wrote:
If you are seeing this, it's directly related to a new srcds exploit.
More info on it at
At 03:36 PM 8/18/2009, Ronny Schedel wrote:
It's not forbidden to mix diffent programming languages, I am sure they also
use Assembler codes. The problem can also occur in C++, because they trust
the client that it sends a valid string, but it can send anything.
They only use assembly code to
At 03:36 PM 8/18/2009, Ronny Schedel wrote:
It's not forbidden to mix diffent programming languages, I am sure they also
use Assembler codes. The problem can also occur in C++, because they trust
the client that it sends a valid string, but it can send anything.
They only use assembly code to
If you knew anything about C++ you'd understand how unportable STL is
across various Linux distributions, and how impossible it is to
statically link it into the code.
Thanks,
- Saul.
On 18 Aug 2009, at 21:03, Stefan Popp m...@stefanpopp.de wrote:
Thats not right ;)
The programming
Ronny Schedel wrote:
The problem is not the programming language, the problem is that Valve trust
their game clients too much.
Glad you haven't seen any code from Korean MMORPGs ;)
marcel
___
To unsubscribe, edit your list preferences, or view the
Didn't they use ASM (at least in the Source Engine leak, but that's
very outdated, not to mentioned possibly illegal) for the Sound Engine
and parts of mathlib?
Thanks,
- Saul.
On 18 Aug 2009, at 21:53, Gary Stanley g...@velocity-servers.net
wrote:
At 03:36 PM 8/18/2009, Ronny Schedel
Sry, are you serious? I mean, are you serious?
STL = Standard template library
You are serious we are talking 100% that?
If you really mean its not portable, you should buy a book about C++.
For myself i prefer Bjarne Stroustrup's C++
STL is a part of C++. Every C++ compiler should understand
Ronny Schedel wrote:
The crashes occur on a vanilla server.
Yeah, I will second that (again). It seems to be fairly random as well.
Jay
--
Jay Deiman
\033:wq!
___
To unsubscribe, edit your list preferences, or view the list archives, please
While trivial for someone who knows what they are doing to edit the
code, rebuild and most likely bypass this, the following iptables rule
will drop the exploit as provided for me (tested on a hl2 deathmatch
and cstrike:source server)
# log it
iptables -A INPUT -p udp --dport 27015 -m string
I never said there was an issue compiling it. You will find that other
systems use different library versions for STL, surprisingly, and
cause linkage issues. I know this as I've tried distributing C++
Windows / Linux apps which use STL and it's a headache. I'm only
talking from first hand
Using STL in open-source projects is fine as the system can compile
binaries which link into their libraries. With closed source however,
you are distributing binaries which link with libraries on YOUR
machine, which may not be the same on others.
Thanks,
- Saul.
On 18 Aug 2009, at 22:23,
Well,
sometimes i got some problems with librarys, but with some tweaks my
stuff works to 95% on every linux machine. I dont know how you code and
compile static stuff,
but my/our programs works fine for over 35k customers ;)
Best regards,
Stefan Popp
Saul Rennison schrieb:
Using STL in
Oh… Show me other company that still supports 10 year old games like
Half-Life, by providing community integration, Russian walk prevention and
exploit fixing updates? Maybe EA :-)? These things cost money and they are
not responsible because of some of dumb players, trying to use found game
Company == Support
Its non-sense how many users you have. Look at Mircrosoft or anyone
else. Small, medium, big... makes no sense for the costumer. If i make a
product, i have to support it.
If the EULA doesnt contain anything about support expiration, i call
the support all time i need it.
If you have problems distributing a C++ application that is build
against standardized parts of C++, then you must be doing something
wrong, my friend.
If you have so many linkage problems, try linking statically.
If you already have problems on a source level, the preprocessor
is your friend.
Well, some people just need 10 years to get their shit right...
Evaldas Žilinskas wrote:
Oh… Show me other company that still supports 10 year old games like
Half-Life, by providing community integration, Russian walk prevention and
exploit fixing updates? Maybe EA :-)? These things cost
Thats true ;)
Best example: SAP =D
Oliver Salzburg schrieb:
Well, some people just need 10 years to get their shit right...
Evaldas Žilinskas wrote:
Oh… Show me other company that still supports 10 year old games like
Half-Life, by providing community integration, Russian walk
Jay Deiman wrote:
Ronny Schedel wrote:
The crashes occur on a vanilla server.
Yeah, I will second that (again). It seems to be fairly random as well.
Jay
Happens to me as well, but only on server that are in use.
I also have some forks that are private and have not been used
I wouldn’t call COD2 a game without bugs. :) When did we see last update? Oh
yes… 3 years ago. :-) And talking about Microsoft… Their support is quite
interesting. You call, they tell you how to use your control panel, but when
we go back to the part, when bugs and exploits must be fixed… They
I think our discusion will never end with our argumentations. iam
talking about ethic, and you talk about budget and resources ;)
At least, if you have a problems with a program you have to apply
pressure on the company how made it if you want fixes.
Thats the point of support. And COD2 is dead.
Hey, I didn’t start teaching VALVe employees how to code. It’s easy for you
to say. Did anyone of you release your own game engine? Maybe two? You
people started the flame about “Hey VALVe, drop all your HL2 sources and
rewrite it in C++”. And believe me, your comparing isn’t fear… Releasing
Maybe :)
I guess we start to understand what each other means :)
Let us discuss next time with a litre bavarian beer and Weißwürste.
I pay ;)
- Back to technical topics -
Best regards,
Stefan Popp
Evaldas, GameConnect schrieb:
Hey, I didn’t start teaching VALVe employees how to code. It’s
Finally! Something worth discussing! Bavarian beer! m... ;)
I'll just add my two cents here. There is no other company that I know
of that supports it's modding community as enthusiastically as Valve
does, with the possible exception of Blizzard with the WoW gui modding
community.
41 matches
Mail list logo
