danielga / gmsv_serversecure Goto Github PK
View Code? Open in Web Editor NEWA module for Garry's Mod that mitigates exploits on the Source engine.
Home Page: https://github.com/danielga/gmsv_serversecure
License: Other
A module for Garry's Mod that mitigates exploits on the Source engine.
Home Page: https://github.com/danielga/gmsv_serversecure
License: Other
Serversecure always reply with real maxplayers, ignoring sv_visiblemaxplayers.
I thought I can fix it myself, but after get the compiler working I was like: "wait... how do I get a ConVar value in C++?"...
When I use this module my server crashes after 5-10 minutes worktime.
Also if it's important the server will be crash only if it have 2+ players online.
CRASH: Wed Oct 14 12:18:33 MSK 2015
Start Line: ./srcds_linux -console -game garrysmod -condebug +exec server.cfg -tickrate 32 -port 28082 -authkey D11BEE3E7A21**************700C69 +host_workshop_collection 462***075 +hunkalloclightmaps 0 +maxplayers 50 +map rp_evocity2_v2p -debug
[New LWP 29153]
[New LWP 29154]
[New LWP 29159]
[New LWP 29260]
[New LWP 29259]
[New LWP 29271]
[New LWP 29171]
[New LWP 29155]
[New LWP 29158]
[New LWP 29164]
[New LWP 29175]
[New LWP 29156]
[New LWP 29157]
[New LWP 29173]
#0 0xf750600c in ?? ()
End of Source crash report
I use this version of the module: https://github.com/danielga/gmsv_serversecure/releases/tag/1.2.1
My OS is Ubuntu Server 12.04
As the title suggests. Would it possible to release a 64bit version of this module for Windows servers?
I'm getting this error when trying to create vs2010 project from premake:
Error: ...inary/gmsv_serversecure/projects/premake5.lua:22: attempt to call global 'CreateSolution' (a nil value)
My command-line:
set GARRYSMOD_COMMON=path/to/garrysmod_common-master/
set SOURCE_SDK=path/to/sourcesdk-minimal-master/
premake5 --os=windows --platform=x32 vs2010
pause
I've tried to do this with --gmcommon=path, but I'm getting the same error.
[ERROR] failed to load required CSteamGameServerAPIContext interface
1. unknown - [C]:-1
2. require - [C]:-1
3. v - lua/autorun/server/serversecure.lua:2
4. unknown - lua/includes/modules/hook.lua:84
downloaded the latest release from the releases tab, which is 1.3.9 at the time of writing
configs like the example file
running on ubuntu 14.04 lts
lua_run require("serversecure.core")
> require("serversecure.core")...
[ERROR] lua_run:1: Couldn't load module library!
1. require - [C]:-1
2. unknown - lua_run:1
Host is Debian 10, x86-64, main branch of Garry's Mod.
Issue seems to be triggered by calling the trampoline for recvfrom
, hitting libpthread.so.0
Seems related to the changes for finding symbols by name only on POSIX platforms (dlsym(RTLD_DEFAULT, "symbol_name")
).
RTLD_NEXT
works on Debian but RTLD_DEFAULT
causes this crash while RTLD_DEFAULT
works on Ubuntu but RTLD_NEXT
seems to drop all packets.
The new steam client update pads the length to exactly 1200 or more in length meaning it fails on more than one check.
Length checked here
Before update: https://i.imgur.com/MTH6OJQ.png
After update: https://i.imgur.com/W76LKPN.png
This is the main function that I was looking into and it fails to even send back request for A2S_INFO because it reports back that it is an invalid packet and should be dropped.
Length check here: https://github.com/danielga/gmsv_serversecure/blob/master/source/netfilter/core.cpp#L441
[909220.998353] srcds_linux[14642]: segfault at f7f9c7cc ip 00000000f7ef6858 sp 00000000eacb5180 error 4 in libpthread-2.28.so[f7ef6000+1000]
[909221.001890] Code: 77 28 89 c3 83 ec 0c 52 e8 b5 f8 ff ff 83 c4 10 89 d8 8b 74 24 1c 65 33 35 14 00 00 00 75 1d 83 c4 20 5b 5e 5f c3 8d 74 26 00 <8b> 8e ac ff ff ff f7 d8 bb ff ff ff ff 65 89 01 eb c8 e8 a1 33 00
OS: Linux Mint 20 "Ulyana"
Kernel: 5.4.0-56-generic
No addons, no workshop, only the scripts from this GitHub repo.
----------------------------------------------
CRASH: Mo 7. Dez 01:00:03 CET 2020
Start Line: ./srcds_linux -debug -ip 127.0.0.1 -game garrysmod +map gm_construct
End of Source crash report
----------------------------------------------
Well what can I say... This release and the previous versions (#43 , #53 ) fail to start the server. Besides, in my case the server doesn't even spit out a real message.
I noticed that the dll file size has changed, normally it should be around 1.9 MB, The only working version is 1.5.29!
SteamGameServer_BSecure returns false all the time. I think "steam_gamserver.h" in sourcesdk-minimal doesn't work at all.
Using sv_visiblemaxplayers to override it works, but the default is showing 255 now instead of the actual amount
edit: self-fix with RunConsoleCommand("sv_visiblemaxplayers",game.MaxPlayers())
[ULib] lua/autorun/server/sv_a2scache.lua:4: attempt to call field 'EnableThreadedSocket' (a nil value)
1. fn - lua/autorun/server/sv_a2scache.lua:4
2. unknown - lua/ulib/shared/hook.lua:109
Steps to reproduce:
- Enable the AS2_INFO cache with serversecure.EnableInfoCache(true)
- Set sv_location and sv_visiblemaxplayers to something in the command line or server.cfg
- AS2_INFO queries report correct values when server first starts
- Change map with changelevel and any AS2_INFO queries no longer report sv_location or sv_visiblemaxplayers
Either icvar is a nullpointer during Initialize after a map changes or the cvars themselves are not available at this stage because of a different load order. Possible fix by initliaizing these variables each time the info cache is built instead? Strange, tested several times but let me know if you need any more help debugging this.
Thanks :)
I think that server hangs such as LUA infinite loops could be prevented by using a separate thread to periodically check the main thread and kill the process if it stops running (so it can auto reboot).
My idea for implementing this is having a global boolean variable, where the main thread sets it to true in a Tick hook, then the monitor thread runs every 5 seconds or so and if the variable is true, sets it to false, but if the variable is false, kill the process. Could you please try something like this?
This seems to cause the legacy server browser to show "base" instead of "Sandbox" as the gamemode when this is installed. I removed it, and the gamemode went back to normal. It also seems to be affecting visibility in the server browser as my server sometimes doesn't show when this is installed.
As the title says, the Server begins starting up before spitting the following out once trying to load the Binary Module:
[ERROR] unable to find CNetChan::IsValidFileForTransfer
1. unknown - [C]:-1
2. require - [C]:-1
3. unknown - lua/includes/modules/serversecure.lua:1
4. require - [C]:-1
5. unknown - lua/autorun/server/sv_serversecure.lua:1
Which immediately after, SRCDS crashes.
My server got an assert failed message and crashed with this (it was too fast to read the assert message). Through trial and error I think that serversecure.EnableFileValidation(true) was the problem. I have sv_allowdownload 0 set, which might have caused the issue.
When I view game info on a friend on my server, it shows gamemode = base. I am using the multithreaded query cache.
This isn't entirely relevant to functionality, but I was wondering if there is any documentation available on extracting names and/or signatures as seen here.
Just require("serversecure") causes an instant crash with the latest GMOD update, and latest binary, on Windows.
It's a great addon plz fix
Are you able to make a 64bit version for windows? That would be much appreciated!
New srcds update today causes all versions of this module to have a segfault as soon as its initialized.
srcds_linux[22259]: segfault at 2aa3d7cc ip 000000002a996858 sp 00000000075161e0 error 4 in libpthread-2.28.so[2a996000+1000]
[1322789.186062] Code: 77 28 89 c3 83 ec 0c 52 e8 b5 f8 ff ff 83 c4 10 89 d8 8b 74 24 1c 65 33 35 14 00 00 00 75 1d 83 c4 20 5b 5e 5f c3 8d 74 26 00 <8b> 8e ac ff ff ff f7 d8 bb ff ff ff ff 65 89 01 eb c8 e8 a1 33 00
I do have a core dump. I will have to send you the link to it somewhere private.
Operating System: Ubuntu 18.04 LTS (Bionic Beaver)
Kernel: 4.15.0-20 Generic
Build Configuration: Release with symbols x86 (Doesn't matter what configuration are used)
Compiler: GCC Ubuntu 9.3.0
Segmentation fault (core dumped)
BFD: warning: core is truncated: expected core file size >= 567803904, found: 1445888
Cannot access memory at address 0xf7f26924
Cannot access memory at address 0xf7f26920
Failed to read a valid object file image from memory.
Also I have a core dump, so if you need it, I can send it to PM
The same as danielga/gm_filesystem#6 but for gmsv_serversecure
serversecure.EnableThreadedSocket(true) crashes the game without any logs. Works fine without setting it to true.
1.5.26. main branch, srcds. GMod 191111
Latest version with serversecure.EnableInfoCache(true) displays our server as VAC disabled.
Windows Server 2016
Version: 1.5.28
When I use serversecure.EnableInfoCache(true) it reverts the GAMEMODE name to "base" instead of the actual real GAMEMODE name.
It'd be nice to have a 64bit version of this, as the 64bit version of SRCDS will hopefully be on the main branch soon.
Skids are crashing my server by sending mass amounts of invalid console commands. Server console is spammed with Unknown Command: "foobar"
which I believe is what causes the lag.
A stopgap is to define the command to just ban the calling player. Can this addon be changed to block unknown console commands? Or just a player sending 10000 commands at once. Thanks!
Testing 1.5.27-6 and 1.5.27
Server dies on map change.
I experience strange problems using the module.
The operating system is Debian 10 with kernel version 5.3.7
This error appears:
L 10/31/2019 - 09:58:43: Lua Error:
[ERROR] unable to get server factory
1. unknown - [C]:-1
2. require - [C]:-1
3. unknown - lua/includes/modules/serversecure.lua:1
4. require - [C]:-1
5. unknown - lua/autorun/server/sv_serversecure.lua:1
L 10/31/2019 - 09:58:43: Lua Error:
[ERROR] lua/autorun/server/sv_serversecure.lua:1: Module not found!
1. require - [C]:-1
2. unknown - lua/autorun/server/sv_serversecure.lua:1
As soon as I call serversecure.EnableThreadedSocket(true)
function, server starts use full CPU thread.
I have 3 servers and I see this before I call the function:
It doesn't cause server lagging (I'm not sure) but I think it's may cause server crash
Just type lua_run serversecure.EnableThreadedSocket(true)
to see this yourself
Hello,
The following flags are missing from the cache implementation:
The implementation can be found here https://github.com/danielga/gmsv_serversecure/blob/master/source/netfilter/core.cpp#L234
Here is an example of the raw Sandbox EDF
gm:sandbox gmc:other loc:fr ver:210330
Thank you and have a nice day
require "serversecure.core"
[string ""]:0: Couldn't load module library!
1: (message = "[string ""]:0: Couldn't load module library!") [addons/gcompute/lua/gcompute/execution/local/gluaexecutioninstance.lua: 178]
2: ("serversecure.core", userdata: 0xede5f0c8, "/lib/libstdc++.so.6: version `GLIBCXX_3.4.20' not found (required by /home/gmod_nsds/garrysmod/lua/bin/gmsv_serversecure.core_linux.dll)", "Couldn't load module library!") [[C]: -1]
3: (__param1 = "serversecure.core") [[string "*"]: 0]
4: xpcall (function (message)) [[C]: -1]
5: Start (self = { GCompute.Execution.GLuaExecutionInstance: 0xedde71e8 }) [addons/gcompute/lua/gcompute/execution/local/gluaexecutioninstance.lua: 173]
6: CreateExecutionInstance (self = { GCompute.Execution.GLuaExecutionContext: 0xed6090b8 }, code = "require "serversecure.core"", sourceId = "@repl_0", instanceOptions = 6, callback = nil) [addons/gcompute/lua/gcompute/execution/executioncontext.lua: 56]
7: HandleExecutionInstanceCreationRequest0 (self = { GCompute.Execution.RemoteExecutionContextHost: 0xeecd6dc0 }, connection = { GLib.Net.Connection: 0xed6063f0 }, inBuffer = { GLib.Net.Layer1.PinnedNetInBuffer: 0xeed5ecc0 }) [addons/gcompute/lua/gcompute/execution/remote/remoteexecutioncontexthost.lua: 94]
8: (self = { GCompute.Execution.RemoteExecutionContextHost: 0xeecd6dc0 }, connection = { GLib.Net.Connection: 0xed6063f0 }, inBuffer = { GLib.Net.Layer1.PinnedNetInBuffer: 0xeed5ecc0 }) [addons/gcompute/lua/gcompute/execution/remote/remoteexecutioncontexthost.lua: 78]
9: xpcall (GLib.Error) [[C]: -1]
10: () [addons/glib/lua/glib/threading/thread.lua: 262]
I did something like this in my dll module once, it caused weird issues when the map was changed, random crashes/freezes that would re print old lines again into the console. It would print the last serverside lua error again or print some other server startup text that should never print again right as it crashed/froze. The weird issue stopped when I stopped nilling my table, map changes everything is reloaded anyways and it shouldnt be needed.
gmsv_serversecure/source/main.cpp
Line 49 in 381a785
Could you possibly add a Travis CI script for build automation by chance? Would make things quite easy
I'm using the latest gmod version and latest version of this addon.
print("Loading serversecure")
require("serversecure")
if serversecure.EnableInfoCache==nil then
serversecure.PostInitialize()
end
serversecure.EnableInfoCache(true)
serversecure.SetInfoCacheTime(2)
serversecure.EnableThreadedSocket(true)
timer.Create("ServerSecureInfoCache", 5, 0, function()
serversecure.RefreshInfoCache()
end)
Please make and upload binar files to repo. Thanks in advance
The module works just fine when I start the server, but when I do a changelevel, I get this error:
[ERROR] unable to create detour for CNetChan::IsValidFileForTransfer
1. unknown - [C]:-1
2. require - [C]:-1
3. unknown - lua/includes/modules/serversecure.lua:1
4. unknown - [C]:-1
5. pcall - [C]:-1
6. unknown - lua/autorun/server/sv_serversecure.lua:32
Module not found!
My server runs on linux.
So I've tried keeping the premake5 .exe and .lua files in the projects folder and moving it to the root folder. I've even edited the .lua file to point to the garrysmod_common folder(from your repo)
yet despite everything I try it simply doesn't build a sln. I simply get a split second where cmd pops up, but immediatly closes. I can't even get an error from it to know whats wrong with it since it closes immediatly
I had to make my code like this to fix some errors:
require("serversecure")
if serversecure.EnableInfoCache==nil then
serversecure.PostInitialize()
end
hello. the module doesn't work anymore after the new update what just came out for gmod.
https://gmod.facepunch.com/blog/august-2018-hotfix/
[ERROR] unable to find CNetChan::IsValidFileForTransfer
on latest debian 10 with your example file, it doesn't work
`[ERROR] lua/autorun/server/serversecure.lua:1: Couldn't load module library!
People like to use more than just A2S_INFO for DoS attacks
Hello, I am trying to make a working gmsv_query (https://github.com/DuckyC/gmsv_query) library for linux (it contains about 90% of source code from serversecure, but does not work out-of-box because its based on very outdated version). So I tried to apply post-2016 commits and was able to get module recognized and loaded, but then it fails on recvfrom() in libpthread.so. https://yadi.sk/d/cQa1XrgKoHp8XQ
Could you help me, please? I need this library for testing purposes.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.