summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThilo Schulz <arny@ats.s.bawue.de>2012-07-01 14:18:31 +0000
committerTim Angus <tim@ngus.net>2013-01-12 20:46:28 +0000
commitba818d148b17cf9c054f06570c00cee8e92fee6d (patch)
tree9201751c814dc433d7c9ced151e728798034d52a
parent3f86ab4a2a4bc6ee948e9efc357e8eef772b8012 (diff)
prevent using getinfo as an amplifier for DDOS attacks (#5678). Patch by DevHC
-rw-r--r--src/server/sv_main.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/src/server/sv_main.c b/src/server/sv_main.c
index 0d15f2c2..bee0ec19 100644
--- a/src/server/sv_main.c
+++ b/src/server/sv_main.c
@@ -394,6 +394,7 @@ struct leakyBucket_s {
static leakyBucket_t buckets[ MAX_BUCKETS ];
static leakyBucket_t *bucketHashes[ MAX_HASHES ];
+static leakyBucket_t outboundLeakyBucket;
/*
================
@@ -566,7 +567,6 @@ static void SVC_Status( netadr_t from ) {
int statusLength;
int playerLength;
char infostring[MAX_INFO_STRING];
- static leakyBucket_t bucket;
// Prevent using getstatus as an amplifier
if ( SVC_RateLimitAddress( from, 10, 1000 ) ) {
@@ -577,7 +577,7 @@ static void SVC_Status( netadr_t from ) {
// Allow getstatus to be DoSed relatively easily, but prevent
// excess outbound bandwidth usage when being flooded inbound
- if ( SVC_RateLimit( &bucket, 10, 100 ) ) {
+ if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
Com_DPrintf( "SVC_Status: rate limit exceeded, dropping request\n" );
return;
}
@@ -622,6 +622,20 @@ void SVC_Info( netadr_t from ) {
char *gamedir;
char infostring[MAX_INFO_STRING];
+ // Prevent using getinfo as an amplifier
+ if ( SVC_RateLimitAddress( from, 10, 1000 ) ) {
+ Com_DPrintf( "SVC_Info: rate limit from %s exceeded, dropping request\n",
+ NET_AdrToString( from ) );
+ return;
+ }
+
+ // Allow getinfo to be DoSed relatively easily, but prevent
+ // excess outbound bandwidth usage when being flooded inbound
+ if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
+ Com_DPrintf( "SVC_Info: rate limit exceeded, dropping request\n" );
+ return;
+ }
+
/*
* Check whether Cmd_Argv(1) has a sane length. This was not done in the original Quake3 version which led
* to the Infostring bug discovered by Luigi Auriemma. See http://aluigi.altervista.org/ for the advisory.