RCON kick/ban can crash the server #7976
Pretty sure the bug here is that you can kick the host. Everything that happens after that will likely be doing some sort of invalid memory access, making the detail of the crash nondeterministic.
Typically enough, the server is protected from kicking itself for client id, but not IP: Lines 477 to 505 in 58c8ff4
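The asymmetry described in the comment above (a self-kick guard on the client-id path but none on the address path) can be avoided by resolving the target first and applying a single guard to whatever matched. The following is an added illustration, not OpenTTD source: `Client`, `KickResult`, `KickTarget` and the value of `CLIENT_ID_SERVER` are assumptions made for this simplified model.

```cpp
// Added illustration: simplified model, not OpenTTD code. All names are hypothetical.
#include <cstdint>
#include <string>
#include <vector>

constexpr uint32_t CLIENT_ID_SERVER = 1; // assumed id of the host's own client entry

struct Client {
    uint32_t id;
    std::string address; // textual address, e.g. "::1"
    bool connected;
};

enum class KickResult { Kicked, NotFound, RefusedServer };

// Resolve the target as either a numeric client id or an address, then apply
// ONE server-protection check to every match, so both paths share the guard.
KickResult KickTarget(std::vector<Client> &clients, const std::string &target)
{
    const bool is_id = !target.empty() &&
        target.find_first_not_of("0123456789") == std::string::npos;
    bool kicked = false, refused = false;

    for (Client &c : clients) {
        if (!c.connected) continue;
        const bool hit = is_id ? (std::to_string(c.id) == target)
                               : (c.address == target);
        if (!hit) continue;
        if (c.id == CLIENT_ID_SERVER) { // never drop the host, however it was named
            refused = true;
            continue;
        }
        c.connected = false; // model of closing the connection
        kicked = true;
    }
    if (kicked) return KickResult::Kicked;
    return refused ? KickResult::RefusedServer : KickResult::NotFound;
}
```

When the host shares an address with a remote client, the remote client is dropped and the host entry is left in place; when only the host matches, the command is refused.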
glx22 added a commit to glx22/OpenTTD that referenced this issue Feb 7, 2020
douiwby pushed a commit to douiwby/OpenTTD that referenced this issue Apr 16, 2020
WARNING
This exploit can be used to crash any server provided you know the rcon password and that the server has the console commands rcon, kick, and ban enabled.
Version of OpenTTD
58c8ff4
Expected result
RCON kick/ban does not crash the server. If used to target yourself (using your IP address), RCON kick/ban fails.
Actual result
RCON kick/ban crashes your server if used to target yourself by specifying your exact address.
Server crash log
(Note: Some details of the crash log, such as the location and parts of the stack trace, can vary widely between successful reproductions.)
Steps to reproduce
(n).
rcon (n) "kick ::1", making sure to replace ::1 with your address.