global_motionblur.gani Crash

ffcmike · #1 09-15-2012, 12:55 AM

I believe there is a possibility global_motionblur.gani is being used by hacker(s) as a method to crash players clients, simply by setting it to their characters gani as opposed to its normal usage as a gani attribute.

While there are ways this could be detected by script, could this possibly be prevented in a more reliable way?
Maybe the gani's script could be modified to ensure it is not set to the players actual ani, like as follows:

PHP Code:


			
function onTimeout() {
  if(player.ani.name == "global_motionblur"){
    return;
  }
  //stuff
}

fowlplay4 · #2 09-15-2012, 01:08 AM

Judging by script, lolcursion occurs which looks quite easy to fix.

PHP Code:


			
SCRIPT

const TIMEGAP = 0.05;

const MOTIONSTEPS = 5;



function onPlayerEnters() {

  onTimeout();

}



function onTimeout() {

  this.counter = (this.counter + 1) % MOTIONSTEPS;

  if (player.ani.name != "global_motionblur") { // dat fix

    showTrail();

  } else {

    hideimgs(200,201+MOTIONSTEPS);

  } 

  setTimer(TIMEGAP);

}



function showTrail() {

  with (findimg(200 + this.counter)) {

    layer = 0;

    x = player.x;

    y = player.y;

    z = player.z;

    ani = player.ani.name @ "[" @ player.anistep @ "]";

    dir = player.dir;

    playerlook = true;

    actor.mode = 1;

  }



  for (temp.i=0; temp.i<MOTIONSTEPS; temp.i++)

    findimg(200 + (this.counter+1+temp.i)%MOTIONSTEPS).actor.alpha = 0.1 + 0.8*temp.i/MOTIONSTEPS;

}

SCRIPTEND

cbk1994 · #3 09-15-2012, 01:19 AM

Quote:

Originally Posted by fowlplay4

Judging by script, lolcursion occurs which looks quite easy to fix.

Nice. All Stefan needs to do now is change one line in one file on one server. Maybe by Christmas?

callimuc · #4 09-15-2012, 01:38 AM

I already realized this on iEra, but thought its just me. But than some days later it worked fine for me on another server so I didnt bother reporting this.
Well maybe I had a fixed one, not sure

Admins · #5 09-15-2012, 02:04 AM

I've updated and reloaded the file.

ffcmike · #6 09-15-2012, 02:11 AM

Quote:

Originally Posted by Stefan

I've updated and reloaded the file.

It's fixed, thanks.

cbk1994 · #7 09-15-2012, 01:25 PM

Quote:

Originally Posted by Stefan

I've updated and reloaded the file.

Merry Christmas!

Emera · #8 09-15-2012, 02:55 PM

I actually emailed Stefan about this 3 or 4 months ago, but I never received a reply and I didn't notice any change in the bug's behaviour. Thanks for bringing this up Thor.