smartfoxserver.com

It seems i've found a bug in SFS 1.6.18 patch.
This patch has got new feature:
- Added more severe policy for malformed packets (XML, JSON and string based). Malformed requests will cause immediate client disconnection.
The bug itself:
In case such malformed packet arrives, SFS drops it and closes the socket but does not release a user "slot" assigned for it.
It leads to max. available user room overflow (for e.q for a trial SFS version - only 20 simultaneously users available) and SFS stops accept new connections.

Thanks, I've opened a ticket with your report.
We're investigating and I'll report back soon.

Stay tuned.

UPDATE: we're not sure how to reproduce this.
Can you please send us a proof of concept of how to recreate the issue? You can use our support@... email box.

Thanks

I would have preferred you sent us an email.
If there's a way to attack the server it's best not to describe how it's done step by step in a public forum

Anyways thanks for the details, we'll investigate and let you know.

It also happens to my server
But this happens only if the client sends a lot of requests to the extension so the server kicking the room visits

We're working on a patch to be release next week.
I'll post more details here as we progress.

cheers

Thank you

UPDATE:
Here is patch 1.6.19
Please download it and apply to your local environment, then see if you can still reproduce the problem.
From our end the problem seems solved.

Thanks

Thanks for the patch, I've applied it, but I can't confirm that the problem is completely solved.
At the scenario that I described early, (where the are two sockets are involved) the SFS now closes the connected socket from the malformed message come and not performs login procedure following by the malformed message, but NOT IN ALL CASES. When this happens very fast in a loop-cycle, the valid user authentication procedure still take in place eventually (may be for 1 in 100-200 iterations, and the available users room storage is still could be overflowed .

I am not sure how to reproduce this, but I have another consideration and it is about the lack of a login validation.
Without a login credential check you're leaving the door open for abuse, because the potential attacker can spam the server knowing that any user will be accepted.

To me this seems like the bigger issue in the scenario you have described.

In any case if you have a script or proof of concept that can reproduce the issue we'll be happy to look into this further.

SmartFoxServer Pro is constantly crashing. I've the error logs where am I supposed to send it @Lapo?

Hi,
you can start a new thread and provide all the details about the problem you're seeing.
Here's a list of what we need (it's for SFS2X but applies to PRO as well):
viewtopic.php?f=18&t=16497

Thanks

SmartFoxServer Pro is constantly crashing

prapat50 wrote:SmartFoxServer Pro is constantly crashing

Please open a new thread and give us the details.
This will help you:
viewtopic.php?f=18&t=16497