View Issue Details

IDProjectCategoryView StatusLast Update
0000057Volume 2Bugpublic2020-02-01 00:45
ReporterTafferAssigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0000057: Elminate unsafe string handling in dbserver
DescriptionClients talk directly to the dbserver; it's visible to the outside world. dbserver happily passes messages around to the various other servers that aren't exposed to the Internet in general.

dbserver uses unsafe string handling functions (an example would be using "strcpy()" instead of "strncpy()"), which makes it a prime target for buffer overruns/underruns... these sorts of bugs are highly exploitable, and it makes the dbserver a potential target for denial of service attacks.

As a step towards making dbserver more secure, I'll replace unsafe string functions with safe ones.
Additional InformationI haven't looked at the code yet, this was mentioned by @asuffield on Discord.

This type of low-hanging fix will also be applied to the rest of the code, in roughly this order:

* servers that are accessible to the Internet at large
* game client
* servers that are only accessible from other servers.

IMHO this is very important because the messages passed between servers/clients/etc. are all string based.
TagsNo tags attached.
subsystem

Activities

Taffer

2019-05-07 11:00

developer   ~0000040

https://stackoverflow.com/questions/6747995/a-complete-list-of-unsafe-string-handling-functions-and-their-safer-replacements

Taffer

2019-05-18 12:34

developer   ~0000065

This is on hold until we start adding unit tests. Unsafe string handling is bad, but if there's no actual way to exploit it, it's not a big deal.

Issue History

Date Modified Username Field Change
2019-05-06 13:37 Taffer New Issue
2019-05-06 13:37 Taffer Status new => assigned
2019-05-06 13:37 Taffer Assigned To => Taffer
2019-05-07 11:00 Taffer Note Added: 0000040
2019-05-18 12:34 Taffer Note Added: 0000065
2020-02-01 00:45 Chet Assigned To Taffer =>
2020-02-01 00:45 Chet Status assigned => new
2020-02-01 00:45 Chet Product Version Issue 1 =>
2020-02-01 00:45 Chet Target Version Issue 2 =>