Bug 3884 - adminslots.sma: amxres command
adminslots.sma: amxres command
Status: RESOLVED FIXED
Product: AMX Mod X
Classification: Unclassified
Component: Base Plugins
trunk
All All
: P3 normal
Assigned To: amxmodx-bugs@alliedmods.net
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-29 22:39 PDT by radiance.gw
Modified: 2014-02-08 23:51 PST (History)
1 user (show)

See Also:


Attachments
Fixed version of adminslots.sma (3.02 KB, text/plain)
2009-09-07 09:18 PDT, Lev2001
no flags Details
Proposed patch (630 bytes, patch)
2009-10-07 14:37 PDT, Lev2001
no flags Details | Diff | Splinter Review

Description radiance.gw 2009-06-29 22:39:13 PDT
Hello, Dear Developers of AMX Mod X.


There is a small bug in one of the main AMXX plugins (adminslots.sma) and there are several programs like "Cheat Engine" and "Art Money" which comes with a memory scanner to quickly scan for variables used within a game and allow you to change them... This bug works via this programs.


When you have been kicked from the server due to slot reservation with a message "Dropped due to slot reservation", you just need to select "hl.exe" process in any program described above, select searching type as "Text" and type "amxres" as searching value, it will find 4 random generated chars by plugin (amxres%c%c%c%c).

After that, you need to type "alias amxresABCD" (ABCD - 4 random generated chars, of course for example) in your console and you can join the server with no free slots from which you had been disconnected.


This bug still works in 1.8.1
Example of program: http://www.cheatengine.org/aboutce.php

Best regards,
Radiance.
Comment 1 Lev2001 2009-09-07 09:18:52 PDT
Created attachment 1700 [details]
Fixed version of adminslots.sma

This a fixed version of adminslots.sma.
It doesn't use amxresXXXX client command anymore.

To be honest I doesn't know why kick is done only in callback from client command.
I use this fix at my server for long time and doesn't spot any issue related to kicking client directly in client_authorized method.

Fix is done by DJ_WEST from Reallite Labs.
Comment 2 David Anderson [:dvander] 2009-09-07 13:24:32 PDT
Please attach source code changes as diffs/patches...
Comment 3 Lev2001 2009-10-07 14:37:10 PDT
Created attachment 1749 [details] [review]
Proposed patch

Ok. Here is an diff file.
BTW Can you give a comment why kicking was in client command callback? Because it is normally working without it.
Comment 4 David Anderson [:dvander] 2009-10-07 15:19:32 PDT
I have no idea. The code is around eight years old and I didn't write it.
Comment 5 Lev2001 2013-02-13 00:16:49 PST
Pushed changeset: http://hg.alliedmods.net/amxmodx-central/rev/0663547089ab
Changelog:
	Directly kick players rather than use a loopback command (bug 3884, r=dvander).
Comment 6 David Anderson [:dvander] 2013-02-13 00:18:05 PST
Thanks for the fix, this looked safe for 1.8.2. FYI I couldn't apply the patch, I'm not sure what format it was in, but it was easy enough to do manually.
Comment 7 AM Bugzilla Bot 2014-02-08 23:51:33 PST
Commit pushed to master at https://github.com/alliedmodders/amxmodx

https://github.com/alliedmodders/amxmodx/commit/121dc75451a8a2f1dbe2eac29c13c8b33001eae2
Directly kick players rather than use a loopback command (bug 3884, r=dvander).


Former-commit-id: dfe1903ecf4faa49b83b85213aa0fbc083fbb0c2

Note You need to log in before you can comment on or make changes to this bug.