throwawaymmo
mikevm
And then you have people claiming that security/safety in game engine code is not important, therefore Rust has no benefits over C++ for games. Nonsense!
Ygg2
Reminds me when Morrowind caused file corruption issues.
kuroguro
Reminds me when EVE Online deleted boot.ini and bricked player computers.
AnIdiotOnTheNet
Many games are single player and don't have any network protocol to fuzz.
Craighead
It's a stolen game engine, not much in the way of confidence towards anything they do.
pknflx
Even the big games suffer from network-related vulnerabilities. One such example is GTA V. Exploits designed to crash people's games are widely used and accessible to pretty much anyone, and I wouldn't be surprised if one such exploit could have led to an RCE in the past.
bruce343434
The unchecked bounds example was just sad - I mean how hard is it to use common sense? Assume the entire packet is always tainted because it comes from an external source!
kevincox
Any developer will say they do this. But very few, if any, can do this perfectly for every line of code that they write. Humans are terrible at doing things all of the time. Expecting developers to remember to do bounds checks is setting yourself up for failure.
bruce343434
You can calloc the array instead of having a fixed size. You can validate the packet for <16.
The person who wrote this consciously thought to themselves "here's 16 slots I can fill, here is an external source that comes in with how many slots it wants to fill." at which point the server-authoritative-model senses should have started tinkling, as well as the experienced-c-programmer-who-has-been-bitten-by-out-of-bounds-memory-accesses-before senses.
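The bounds check discussed in the comments above, as an added example that is not part of the thread or of any game's code: a parser for a fixed 16-slot array that treats the sender's slot count as tainted and validates it against both the array capacity and the bytes actually received. The wire format, `SLOT_SIZE`, `struct inventory` and `parse_inventory` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SLOTS 16   /* fixed capacity, as in the case discussed above */
#define SLOT_SIZE 4    /* assumed: each slot is a 4-byte item id */

struct inventory {
    uint32_t slots[MAX_SLOTS];
    size_t   used;
};

/* Constructed wire format (an assumption, not from any real game):
 *   byte 0    : slot count claimed by the sender
 *   bytes 1.. : count * SLOT_SIZE bytes, little-endian item ids
 * Returns 0 on success, -1 if the packet is rejected. */
int parse_inventory(const uint8_t *pkt, size_t len, struct inventory *out)
{
    if (pkt == NULL || out == NULL || len < 1)
        return -1;

    size_t count = pkt[0];
    /* The count comes from the network: check it against our capacity... */
    if (count > MAX_SLOTS)
        return -1;
    /* ...and against the number of bytes that actually arrived. */
    if (len - 1 < count * SLOT_SIZE)
        return -1;

    memset(out, 0, sizeof *out);
    for (size_t i = 0; i < count; i++) {
        const uint8_t *p = pkt + 1 + i * SLOT_SIZE;
        out->slots[i] = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
                        (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    }
    out->used = count;
    return 0;
}

int main(void)
{
    /* Constructed sample: claims 200 slots but carries only one. */
    const uint8_t bad[] = { 200, 0x01, 0x00, 0x00, 0x00 };
    struct inventory inv;
    printf("oversized count -> %d\n", parse_inventory(bad, sizeof bad, &inv));
    return 0;
}
```

Without the first check the copy loop writes past `slots[15]`; without the second it reads past the end of the received buffer even when the count is within capacity.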
dm3
This reminds me of a pair of episodes on Darknet Diaries - Manfred[1] - ep. 7/8. Opened my eyes to how insecure games actually are (were?) and how the economy of virtual item trading moved from eBay to in-game transactions:
fulafel
wtf seems great. It seems Windows-specific; is there something similar for other targets?
Slightly off-topic and throwaway for legal reasons.
While reverse engineering the network protocol for Genshin Impact, I found at least a couple ways to cause memory access violations. It's really a pity most PC games aren't well sandboxed.