I started to backtrace this and what I found first was that if you SAY something on any channel you disconnect everyone from the server if your msg is formed as follows:
- the actual msg being said is 230 characters long
- you have four over-7-bit characters (bytes) in there (all the real-world characters like äöå)
so you have 4x 8-bit signed variables that should be unsigned.
Now the client says that it has gotten bad data from the server after you sent this to the server. Now I sniffed and the server does not reply anything. So what makes the client think like this - well I assume there is some function(s) that uses these variables that should be unsigned - and if you pass them signed values they do all sorta crazy stuff and the client thinks the server has sent something.
Now I had fun finding out all this - so post here what the actual problem was - I think you now have a good clue where to start to search and what to search for.
To sum it up:
Search in: Client code (HA HA eat Pascal)
Search for: signed variables of length 8 (or perhaps 32-bit but used in some funny way)
Now there is also a big possibility that this is not it, because I don't have any idea how Pascal is written, but this might be one of the good pointers in the right direction.
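To make the suspected signed-vs-unsigned pitfall concrete, here is an added C example (not code from the Spring lobby, the client, or any poster): the SAY line and the byte checks are constructed assumptions that model the kind of check the post guesses at, not the client's actual code.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample (not from the thread): a SAY line carrying the Finnish
   letters ä ö å as UTF-8, i.e. six bytes >= 0x80 ("over 7-bit" bytes). */
static const char SAMPLE[] = "SAY test \xc3\xa4\xc3\xb6\xc3\xa5 end";
#define SAMPLE_LEN (sizeof SAMPLE - 1)

/* Counts the bytes that do not fit in 7 bits; done on an unsigned byte so
   that 0xC3 is read as 195, not -61. */
int count_high_bytes(const char *msg, size_t len) {
    int n = 0;
    for (size_t i = 0; i < len; i++)
        if ((unsigned char)msg[i] >= 0x80) n++;
    return n;
}

/* Models the suspected client bug: each byte is held in an 8-bit signed
   variable, so 0xC3 becomes -61. A "reject control characters" test written
   as c < 0x20 then fires on every non-ASCII byte (and a lookup table indexed
   by c would be read before its start). Returns the index of the first byte
   the check rejects, or -1 if the message passes. */
int first_bad_byte_signed(const char *msg, size_t len) {
    for (size_t i = 0; i < len; i++) {
        signed char c = (signed char)msg[i];   /* the 8-bit signed variable */
        if (c < 0x20 && c != '\t') return (int)i;
    }
    return -1;
}

/* The same check done on an unsigned byte: only real control bytes (and DEL)
   are rejected, and the UTF-8 bytes 0x80..0xFF pass through untouched. */
int first_bad_byte_unsigned(const char *msg, size_t len) {
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)msg[i];
        if ((c < 0x20 && c != '\t') || c == 0x7F) return (int)i;
    }
    return -1;
}

int main(void) {
    printf("high bytes in sample: %d\n", count_high_bytes(SAMPLE, SAMPLE_LEN));
    printf("signed check rejects at index %d\n", first_bad_byte_signed(SAMPLE, SAMPLE_LEN));
    printf("unsigned check rejects at index %d\n", first_bad_byte_unsigned(SAMPLE, SAMPLE_LEN));
    return 0;
}
```

Plain `char` is signed on most x86 compilers, which is why the bug only shows up once a message actually carries bytes above 0x7F; the explicit `signed char` here just makes that behaviour portable for the demonstration.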
Lobby / Client bug - disconnecting after certain string
Re: Lobby / Client bug - disconnecting after certain string
There is already a ticket in Mantis for this, but the ticket is locked because it was linked from the forum and got a lot of attention.
Some wild guesses
By sniffing I got that the data that I sent was:
SAY test *form the sentence here*
plus two termination characters. This makes the string length 241 characters - remove one and (string can't be empty - it always has to have that NULL) you get a nice-looking binary number 11110000 - four low bits empty - maybe this has something to do with the bug.
Last edited by Drawer on 03 Nov 2006, 06:36, edited 1 time in total.
LordMatt wrote: Angel, I wasn't thinking earlier (and hadn't had a chance to check the forums), but it isn't a good idea to post this stuff publicly for obvious reasons. I'm not a forum mod, so I can't move this, but one of the forum mods should maybe move this to the private forum.
Agreed - yet I am still going to leave the actual explanation here, since most people who are able to understand the explanation - and I trust that those who do - are not going to abuse it.
Drawer wrote: Some wild guesses
plah plah remove one and (string can't be empty - it always has to have that NULL) you get a nice-looking binary number 11110000 - four low bits empty - maybe this has something to do with the bug.
Now that I think about this at 8pm it seems more of just a coincidence.
Also this bug seems to follow some kind of pattern. I tried to create an over-230-long message and spread the "special letters" randomly - yet it did not crash. Then I created another longer (about 400 chars) string having some "special characters" at the end and it crashed. Interesting. I think there might be some kind of clear pattern to this...
I just realized all the bots on the Spring lobby can be crashed by this also, and they are not written so that they would use the lobby code in any way - still the server does not seem to send anything back - or I can't filter it in with the sniffer. Interesting. It might be a server problem after all. I'll test with my own server in a moment and try to reproduce it.