[Freeciv-Dev] Re: (PR#8457) No assertion in post_receive_packet_player_a
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
<URL: http://rt.freeciv.org/Ticket/Display.html?id=8457 >
On Mon, Apr 05, 2004 at 09:26:27PM -0700, Jason Short wrote:
>
> <URL: http://rt.freeciv.org/Ticket/Display.html?id=8457 >
>
> > [i-freeciv-lists@xxxxxxxxxxxxx - Mon Apr 05 11:05:36 2004]:
>
> > It is quite possible that there is some way for a client to crash a
> > server. I don't think this is a big enough in practice to do a full
> > solution (audit all input paths, write a random data generator,...).
>
> What!?!?
>
> Surely we should audit all input paths? Any random testing methods
> should only be an addition to this.
>
> I know there have been bugs here in the past. I've tried to write some
> of them. Anyone looking for something to work on?
Note that there are two levels here.
The first the checking for a well-formed packet. Is the packet too
short, too long, does it contain too arrays and so on.
The second level is checking for valid values in a well-formed
packet. Does the player tries to move unit which he doesn't own and so
on.
IMHO hard segv can only happen in the first level. We have done a lot
of work in both parts and I'm quite sure that we have a high level of
checking here. But I would be suprised if we overlooked some parts.
Raimar
--
email: rf13@xxxxxxxxxxxxxxxxx
One nuclear bomb can ruin your whole day.
|
|
