View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000057||Volume 2||Bug||public||2019-05-06 13:37||2020-02-01 00:45|
|Target Version||Fixed in Version|
|Summary||0000057: Elminate unsafe string handling in dbserver|
|Description||Clients talk directly to the dbserver; it's visible to the outside world. dbserver happily passes messages around to the various other servers that aren't exposed to the Internet in general.|
dbserver uses unsafe string handling functions (an example would be using "strcpy()" instead of "strncpy()"), which makes it a prime target for buffer overruns/underruns... these sorts of bugs are highly exploitable, and it makes the dbserver a potential target for denial of service attacks.
As a step towards making dbserver more secure, I'll replace unsafe string functions with safe ones.
|Additional Information||I haven't looked at the code yet, this was mentioned by @asuffield on Discord.|
This type of low-hanging fix will also be applied to the rest of the code, in roughly this order:
* servers that are accessible to the Internet at large
* game client
* servers that are only accessible from other servers.
IMHO this is very important because the messages passed between servers/clients/etc. are all string based.
|Tags||No tags attached.|
||This is on hold until we start adding unit tests. Unsafe string handling is bad, but if there's no actual way to exploit it, it's not a big deal.|
|2019-05-06 13:37||Taffer||New Issue|
|2019-05-06 13:37||Taffer||Status||new => assigned|
|2019-05-06 13:37||Taffer||Assigned To||=> Taffer|
|2019-05-07 11:00||Taffer||Note Added: 0000040|
|2019-05-18 12:34||Taffer||Note Added: 0000065|
|2020-02-01 00:45||Chet||Assigned To||Taffer =>|
|2020-02-01 00:45||Chet||Status||assigned => new|
|2020-02-01 00:45||Chet||Product Version||Issue 1 =>|
|2020-02-01 00:45||Chet||Target Version||Issue 2 =>|