Q3 engine infostring crash bug (324538)

The Quake 3 engine has problems to handle big queries allowing an

attacker to shutdown any game server based on this engine:

ERROR: Info_SetValueForKey: oversize infostring

In some of the vulnerable games is also possible to crash the server.

"I have released an universal patcher that limits the amount of handled

data in the queries from 1023 to 512 solving the problem in any game:

[url removed, login to view]"

Using a malware script that floods the server with getstatus requests (aaaaaaaaa), you can take them down - especially Soldier of Fortune 2.

The patch doesnt work fully. When adding a mod to the game, it is still crashable.

More info will be presented to the person that gets hired for the project.

## Deliverables

1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.

2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):

a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.

b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.

3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).

## Platform

Windows 2003 Server

Soldier of Fortune 2 [url removed, login to view] and [url removed, login to view] including most frequently used mods.

Taidot: Tietoturva, tekniikka, Pelisuunnittelu, MySQL, PHP, tietojärjestelmäarkkitehtuuri, Ohjelmistojen testaus, Verkkoturva

Näytä lisää: soldier for hire, code org games, windows universal, vulnerable, Universal windows, soldier, security patches, http web requests, hired php coder, malware program, windows crash, error bug, data security project based, problem presented, malware code, law problem solving, crash program, game error, game security, script game web based

Tietoa työnantajasta:
( 2 arvostelua ) Amsterdam, Netherlands

Projektin tunnus: #3866607

1 freelanceria on tarjonnut keskimäärin %project_bid_stats_avg_sub_23% %project_currencyDetails_sign_sub_24% tähän työhön


See private message.

$21.25 USD 14 päivässä
(0 arvostelua)