Pawn.RakNet
CRASH in version 1.4.1
Hello,
I was using version 1.3.0 of the plugin, and I have never had a server crash problem for years. However, when I upgraded to version 1.4.1, crashes started happening randomly, once every 1-3 days.
server_log.txt:
[21/02/2021 03:32:47] [debug] Server crashed due to an unknown error
[21/02/2021 03:32:47] [debug] Native backtrace:
[21/02/2021 03:32:47] [debug] #0 f7a4de8b in _ZN10StackTraceC1EPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #1 f7a46bcf in _ZN11CrashDetect20PrintNativeBacktraceERSoPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #2 f7a47dbc in _ZN11CrashDetect20PrintNativeBacktraceEPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #3 f7a48226 in _ZN11CrashDetect11OnExceptionEPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #4 f7a4dadc in ?? () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #5 f7f26090 in __kernel_rt_sigreturn () from linux-gate.so.1
[21/02/2021 03:32:47] [debug] #6 f7f26069 in __kernel_vsyscall () from linux-gate.so.1
[21/02/2021 03:32:47] [debug] #7 f7aa0382 in gsignal () from /lib/i386-linux-gnu/libc.so.6
[21/02/2021 03:32:47] [debug] #8 f7a8a2b6 in abort () from /lib/i386-linux-gnu/libc.so.6
[21/02/2021 03:32:47] [debug] #9 f7de1ab7 in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #10 f7de9094 in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #11 f7de90fd in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #12 f7de93fc in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #13 f6330371 in _ZN9Functions9RakServer9NewPacketEtRKN6RakNet9BitStreamE () from plugins/pawnraknet.so
[21/02/2021 03:32:47] [debug] #14 f633e344 in _ZN5Hooks13InternalHooks18RakServer__ReceiveEPv () from plugins/pawnraknet.so
[21/02/2021 03:32:47] [debug] #15 080aed6d in ?? () from ./samp03svr
[21/02/2021 03:32:47] [debug] #16 080aef32 in ?? () from ./samp03svr
[21/02/2021 03:32:47] [debug] #17 080aa16a in ?? () from ./samp03svr
[21/02/2021 03:32:47] [debug] #18 f7a8bb41 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
[21/02/2021 03:32:47] [debug] #19 0804b4e1 in ?? () from ./samp03svr
I did some tests and I think the reason for this crash is when I rewrite a sync packet exceeding the original length. I managed to reproduce the same errors in the log.
I use BS_SetWriteOffset with 280 bits to change only health / armor in the onfoot sync. Some player probably sent an invalid packet (smaller than expected), so I would be writing to a part of the packet that doesn't exist.
It also occurs with BS_WriteOnFootSync, BS_WriteInCarSync, etc.
Attach full server_log.txt and example.pwn (to reproduce the error), please.
I guess you need to delete "BS_SetWriteOffset(bs, 0)" or "BS_ResetWritePointer(bs)" calls (if existing).
I don't know how to simulate an invalid packet, so I tested it this way:
public OnIncomingPacket(playerid, packetid, BitStream:bs)
{
    if(packetid == 207) //PLAYER_SYNC
    {
        BS_SetWriteOffset(bs, 552);
        BS_WriteValue(
            bs,
            PR_UINT8, 0 //exceeding the total bits of the onfoot sync (552)
        );
        printf("this prints before the crash");
    }
    return 1;
}
This will crash the server.
Edit: this code, without BS_ResetWritePointer, crashes on Windows, but not on Linux. Deleting BS_ResetWritePointer really prevents the crash on Linux. I'm using BS_ResetWritePointer in my code, but what I did to fix it was to check the size of the packet before writing it.
server_log.txt (Linux):
[22/02/2021 18:58:52] [debug] Server crashed due to an unknown error
[22/02/2021 18:58:52] [debug] Native backtrace:
[22/02/2021 18:58:52] [debug] #0 f7af1e8b in _ZN10StackTraceC1EPv () from plugins/crashdetect.so
[22/02/2021 18:58:52] [debug] #1 f7aeabcf in _ZN11CrashDetect20PrintNativeBacktraceERSoPv () from plugins/crashdetect.so
[22/02/2021 18:58:52] [debug] #2 f7aebdbc in _ZN11CrashDetect20PrintNativeBacktraceEPv () from plugins/crashdetect.so
[22/02/2021 18:58:52] [debug] #3 f7aec226 in _ZN11CrashDetect11OnExceptionEPv () from plugins/crashdetect.so
[22/02/2021 18:58:52] [debug] #4 f7af1adc in ?? () from plugins/crashdetect.so
[22/02/2021 18:58:52] [debug] #5 f7fca090 in __kernel_rt_sigreturn () from linux-gate.so.1
[22/02/2021 18:58:52] [debug] #6 f7fca069 in __kernel_vsyscall () from linux-gate.so.1
[22/02/2021 18:58:52] [debug] #7 f7b44382 in gsignal () from /lib/i386-linux-gnu/libc.so.6
[22/02/2021 18:58:52] [debug] #8 f7b2e2b6 in abort () from /lib/i386-linux-gnu/libc.so.6
[22/02/2021 18:58:52] [debug] #9 f7e85ab7 in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[22/02/2021 18:58:52] [debug] #10 f7e8d094 in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[22/02/2021 18:58:52] [debug] #11 f7e8d0fd in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[22/02/2021 18:58:52] [debug] #12 f7e8d3fc in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[22/02/2021 18:58:52] [debug] #13 f02f9371 in _ZN9Functions9RakServer9NewPacketEtRKN6RakNet9BitStreamE () from plugins/pawnraknet.so
[22/02/2021 18:58:52] [debug] #14 f0307344 in _ZN5Hooks13InternalHooks18RakServer__ReceiveEPv () from plugins/pawnraknet.so
[22/02/2021 18:58:52] [debug] #15 080aed6d in ?? () from ./samp03svr
[22/02/2021 18:58:52] [debug] #16 080aef32 in ?? () from ./samp03svr
[22/02/2021 18:58:52] [debug] #17 080aa16a in ?? () from ./samp03svr
[22/02/2021 18:58:52] [debug] #18 f7b2fb41 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
[22/02/2021 18:58:52] [debug] #19 0804b4e1 in ?? () from ./samp03svr
- I need full server_log.txt, not just crashlog.
- Why are you using BS_ResetWritePointer? Show by example how.
- Ok, but the full server_log is 80MB, so I cut out a lot of it.
----------
Loaded log file: "server_log.txt".
----------
SA-MP Dedicated Server
----------------------
v0.3.7-R3, (C)2005-2019 SA-MP Team
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] Server Plugins
[20/02/2021 05:00:07] --------------
[20/02/2021 05:00:07] Loading plugin: crashdetect.so
[20/02/2021 05:00:07] CrashDetect v4.15.1 is OK.
[20/02/2021 05:00:07] Loaded.
[20/02/2021 05:00:07] Loading plugin: streamer.so
[20/02/2021 05:00:07]
*** Streamer Plugin v2.9.4 by Incognito loaded ***
[20/02/2021 05:00:07] Loaded.
[20/02/2021 05:00:07] Loading plugin: sscanf.so
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] ===============================
[20/02/2021 05:00:07] sscanf plugin loaded.
[20/02/2021 05:00:07] Version: 2.8.3
[20/02/2021 05:00:07] (c) 2018 Alex "Y_Less" Cole
[20/02/2021 05:00:07] ===============================
[20/02/2021 05:00:07] Loaded.
[20/02/2021 05:00:07] Loading plugin: mysql.so
[20/02/2021 05:00:07] >> plugin.mysql: R41-4 successfully loaded.
[20/02/2021 05:00:07] Loaded.
[20/02/2021 05:00:07] Loading plugin: filemanager.so
[20/02/2021 05:00:07] ******************
[20/02/2021 05:00:07] ** FILE MANAGER **
[20/02/2021 05:00:07] ** Loaded **
[20/02/2021 05:00:07] ** Version 1.5 **
[20/02/2021 05:00:07] ******************
[20/02/2021 05:00:07] Loaded.
[20/02/2021 05:00:07] Loading plugin: pawnraknet.so
[20/02/2021 05:00:07] [Pawn.RakNet]
| Pawn.RakNet 1.4.1 | 2016 - 2020
|--------------------------------
| Author and maintainer: urShadow
| Compiled: Jun 18 2020 at 11:28:17
|--------------------------------------------------------------
| Forum thread: https://forum.sa-mp.com/showthread.php?t=640306
|--------------------------------------------------------------
| Repository: https://github.com/urShadow/Pawn.RakNet
|--------------------------------------------------------------
| Wiki: https://github.com/urShadow/Pawn.RakNet/wiki
[20/02/2021 05:00:07] Loaded.
[20/02/2021 05:00:07] Loaded 6 plugins.
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] Ban list
[20/02/2021 05:00:07] --------
[20/02/2021 05:00:07] Loaded: samp.ban
[20/02/2021 05:00:07]
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] Filterscripts
[20/02/2021 05:00:07] ---------------
[20/02/2021 05:00:07] Loading filterscript 'anticheat.amx'...
[20/02/2021 05:00:07]
[20/02/2021 05:00:07]
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] =======================================
[20/02/2021 05:00:07] | |
[20/02/2021 05:00:07] | YSI version 4.00.0001 |
[20/02/2021 05:00:07] | By Alex "Y_Less" Cole |
[20/02/2021 05:00:07] | |
[20/02/2021 05:00:07] =======================================
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] --- Anticheat v2.0 loaded successfully!
[20/02/2021 05:00:07] Loading filterscript 'objects.amx'...
[20/02/2021 05:00:07] Loading filterscript 'bases.amx'...
[20/02/2021 05:00:07] Loading filterscript 'rcon_cmds.amx'...
[20/02/2021 05:00:07] Loading filterscript 'HGps.amx'...
[20/02/2021 05:00:07] Loading filterscript 'Ints.amx'...
[20/02/2021 05:00:07] Loading filterscript 'mapfix.amx'...
[20/02/2021 05:00:07] MapFix by Nexius v3.9.4 loaded (filterscript version).
[20/02/2021 05:00:07] Loading filterscript 'is_android.amx'...
[20/02/2021 05:00:07] Loaded 8 filterscripts.
[20/02/2021 05:00:07]
[20/02/2021 05:00:07]
[20/02/2021 05:00:07]
[20/02/2021 05:00:07] =======================================
[20/02/2021 05:00:07] | |
[20/02/2021 05:00:07] | YSI version 4.00.0001 |
[20/02/2021 05:00:07] | By Alex "Y_Less" Cole |
[20/02/2021 05:00:07] | |
[20/02/2021 05:00:07] =======================================
[20/02/2021 05:00:07]
[20/02/2021 05:00:12] Warning: Minimum time between new connections (300) exceeded for 187.61.119.92:7576. Ignoring the request.
[20/02/2021 05:00:12] Warning: Minimum time between new connections (300) exceeded for 177.125.122.167:22723. Ignoring the request.
[20/02/2021 05:00:13] Warning: Minimum time between new connections (300) exceeded for 177.47.71.44:26625. Ignoring the request.
[20/02/2021 05:00:13] Warning: Minimum time between new connections (300) exceeded for 179.222.46.20:57547. Ignoring the request.
[20/02/2021 05:00:14] Warning: Minimum time between new connections (300) exceeded for 177.47.71.44:26625. Ignoring the request.
[20/02/2021 05:00:14] Warning: Minimum time between new connections (300) exceeded for 177.21.84.27:51492. Ignoring the request.
[20/02/2021 05:00:15] Warning: Minimum time between new connections (300) exceeded for 200.161.50.76:51204. Ignoring the request.
[20/02/2021 05:00:15] Warning: Minimum time between new connections (300) exceeded for 186.226.162.231:44101. Ignoring the request.
[20/02/2021 05:00:16] Conexao ao banco de dados MySQL efetuada com sucesso
[20/02/2021 05:00:16] Warning: Minimum time between new connections (300) exceeded for 200.161.50.76:51204. Ignoring the request.
[20/02/2021 05:00:16] Warning: Minimum time between new connections (300) exceeded for 189.89.223.152:60775. Ignoring the request.
[20/02/2021 05:00:16] Loaded 17 ZvH maps
[20/02/2021 05:00:16] Loaded 8 Battle Royale maps
[20/02/2021 05:00:16] Derby: Loaded 59 DEFAULT maps
[20/02/2021 05:00:16] Derby: Loaded 26 DD maps
[20/02/2021 05:00:16] Derby: Loaded 25 CW maps
[20/02/2021 05:00:16] Loaded 21 Shooter maps
[20/02/2021 05:00:16] DM Race: Loaded 296 Easy DM maps
[20/02/2021 05:00:16] DM Race: Loaded 167 Race DM maps
[20/02/2021 05:00:16] DM Race: Loaded 21 Hard DM maps
[20/02/2021 05:00:17] Loaded 11 Fall maps
[20/02/2021 05:00:17] Loaded 70 A/D maps
[20/02/2021 05:00:17]
[20/02/2021 05:00:17] |-------------------------------------------------------
[20/02/2021 05:00:17] |--- Multimode carregado com sucesso!
[20/02/2021 05:00:17] |-- Server v4.5
[20/02/2021 05:00:17] |-- (C) 2017 Stunts. Todos os direitos reservados
[20/02/2021 05:00:17] |-------------------------------------------------------
[20/02/2021 05:00:17]
[20/02/2021 05:00:17] Number of vehicle models: 123
[20/02/2021 05:00:17] [connection] incoming connection: 46.106.126.52:6379 id: 0
[20/02/2021 05:00:17] [join] Psoria has joined the server (0:46.106.126.52)
[20/02/2021 05:00:17] [connection] incoming connection: 36.74.43.59:25810 id: 1
[20/02/2021 05:00:17] [connection] incoming connection: 5.44.168.153:59716 id: 2
[20/02/2021 05:00:17] [join] Ragna has joined the server (1:36.74.43.59)
[20/02/2021 05:00:17] [connection] incoming connection: 187.61.119.92:7576 id: 3
[20/02/2021 05:00:17] [join] dontcrybaby. has joined the server (2:5.44.168.153)
[20/02/2021 05:00:17] [connection] incoming connection: 131.161.135.157:65523 id: 4
[20/02/2021 05:00:17] [join] XHardCbug has joined the server (3:187.61.119.92)
[20/02/2021 05:00:17] [connection] incoming connection: 107.182.231.206:52264 id: 5
[20/02/2021 05:00:17] [join] Paperback has joined the server (4:131.161.135.157)
[20/02/2021 05:00:17] [connection] incoming connection: 177.92.187.234:38584 id: 6
[20/02/2021 05:00:17] [join] Pedro.old has joined the server (5:107.182.231.206)
[20/02/2021 05:00:17] [connection] incoming connection: 179.222.46.20:57547 id: 7
[20/02/2021 05:00:17] [connection] incoming connection: 187.111.132.143:10641 id: 8
......................................
[21/02/2021 03:32:35] CMD: [ID:10] Rodrigo.old digitou '/sair'
[21/02/2021 03:32:35] CMD: [ID:6] [TF]AimBeacker digitou '/pc'
[21/02/2021 03:32:36] CMD: [ID:30] [PCC]Luiz.2906 digitou '/clans'
[21/02/2021 03:32:36] CMD: [ID:10] Rodrigo.old digitou '/clans'
[21/02/2021 03:32:38] CMD: [ID:48] [Girlz].Six digitou '/config'
[21/02/2021 03:32:39] CMD: [ID:24] Ryan_Lira digitou '/r meu cell tem isso, pqp q bglh chato vei'
[21/02/2021 03:32:39] CMD: [ID:22] MrThomasaum digitou '/convidarclan'
[21/02/2021 03:32:39] CMD: [ID:15] FelpsZ digitou '/v'
[21/02/2021 03:32:40] [death] [TF]AimBeacker died 255
[21/02/2021 03:32:40] CMD: [ID:20] [ARG]GHOST[SAO] digitou '/v'
[21/02/2021 03:32:41] [death] [SCS]Paperback died 255
[21/02/2021 03:32:41] CMD: [ID:16] Lucas_Gamer digitou '/DMRACE'
[21/02/2021 03:32:42] CMD: [ID:1] Scottinho.Us digitou '/VM RA'
[21/02/2021 03:32:42] CMD: [ID:10] Rodrigo.old digitou '/clans'
[21/02/2021 03:32:44] [connection] incoming connection: 179.51.164.143:6372 id: 23
[21/02/2021 03:32:44] CMD: [ID:6] [TF]AimBeacker digitou '/pc'
[21/02/2021 03:32:44] [death] xont.wy died 255
[21/02/2021 03:32:44] CMD: [ID:9] sonnyn_cj digitou '/colete'
[21/02/2021 03:32:45] CMD: [ID:14] Yago_SAMP digitou '/car sult'
[21/02/2021 03:32:45] CMD: [ID:41] [STT]Adrian digitou '/ban 12 Cheater'
[21/02/2021 03:32:45] [debug] samp launcher packet received
[21/02/2021 03:32:45] [join] GABRIEL_RT has joined the server (23:179.51.164.143)
[21/02/2021 03:32:45] CMD: [ID:3] kbk digitou '/HELP'
[21/02/2021 03:32:46] [part] Eaten_Bee has left the server (12:2)
[21/02/2021 03:32:46] CMD: [ID:30] [PCC]Luiz.2906 digitou '/aceitarclan'
[21/02/2021 03:32:47] [debug] Server crashed due to an unknown error
[21/02/2021 03:32:47] [debug] Native backtrace:
[21/02/2021 03:32:47] [debug] #0 f7a4de8b in _ZN10StackTraceC1EPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #1 f7a46bcf in _ZN11CrashDetect20PrintNativeBacktraceERSoPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #2 f7a47dbc in _ZN11CrashDetect20PrintNativeBacktraceEPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #3 f7a48226 in _ZN11CrashDetect11OnExceptionEPv () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #4 f7a4dadc in ?? () from plugins/crashdetect.so
[21/02/2021 03:32:47] [debug] #5 f7f26090 in __kernel_rt_sigreturn () from linux-gate.so.1
[21/02/2021 03:32:47] [debug] #6 f7f26069 in __kernel_vsyscall () from linux-gate.so.1
[21/02/2021 03:32:47] [debug] #7 f7aa0382 in gsignal () from /lib/i386-linux-gnu/libc.so.6
[21/02/2021 03:32:47] [debug] #8 f7a8a2b6 in abort () from /lib/i386-linux-gnu/libc.so.6
[21/02/2021 03:32:47] [debug] #9 f7de1ab7 in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #10 f7de9094 in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #11 f7de90fd in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #12 f7de93fc in ?? () from /lib/i386-linux-gnu/libstdc++.so.6
[21/02/2021 03:32:47] [debug] #13 f6330371 in _ZN9Functions9RakServer9NewPacketEtRKN6RakNet9BitStreamE () from plugins/pawnraknet.so
[21/02/2021 03:32:47] [debug] #14 f633e344 in _ZN5Hooks13InternalHooks18RakServer__ReceiveEPv () from plugins/pawnraknet.so
[21/02/2021 03:32:47] [debug] #15 080aed6d in ?? () from ./samp03svr
[21/02/2021 03:32:47] [debug] #16 080aef32 in ?? () from ./samp03svr
[21/02/2021 03:32:47] [debug] #17 080aa16a in ?? () from ./samp03svr
[21/02/2021 03:32:47] [debug] #18 f7a8bb41 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
[21/02/2021 03:32:47] [debug] #19 0804b4e1 in ?? () from ./samp03svr
- There is no reason for me to use BS_ResetWritePointer, I already removed it from my code.
My old code:
hook OnIncomingPacket(playerid, packetid, BitStream:bs)
{
    if(playerid == -1) return 1;
    switch(packetid)
    {
        case PLAYER_SYNC:
        {
            if(IsWasted(playerid)) return Y_HOOKS_BREAK_RETURN_0;
            BS_SetReadOffset(bs, 8 + 16 + 16 + 16 + (3*32) + (4*32)); //UINT8, UINT16, UINT16, UINT16, PR_FLOAT3, PR_FLOAT4
            new health, armour;
            BS_ReadValue(
                bs,
                PR_UINT8, health
            );
            if(0 < health - s_Health[playerid] <= 35)
            {
                Damage_CheckVendMachine(playerid, float(health));
            }
            health = floatround(s_Health[playerid], floatround_floor);
            armour = floatround(s_Armour[playerid], floatround_floor);
            BS_SetWriteOffset(bs, 8 + 16 + 16 + 16 + (3*32) + (4*32));
            BS_WriteValue(
                bs,
                PR_UINT8, health,
                PR_UINT8, armour
            );
            BS_ResetReadPointer(bs);
            BS_ResetWritePointer(bs);
        }
        case VEHICLE_SYNC:
        {
            if(IsWasted(playerid)) return Y_HOOKS_BREAK_RETURN_0;
            new inCarData[PR_InCarSync];
            BS_IgnoreBits(bs, 8);
            BS_ReadInCarSync(bs, inCarData);
            inCarData[PR_playerHealth] = floatround(s_Health[playerid], floatround_floor);
            inCarData[PR_armour] = floatround(s_Armour[playerid], floatround_floor);
            //----------------- Vehicle keys -----------------
            if(inCarData[PR_keys] & KEY_FIRE || inCarData[PR_keys] & KEY_ACTION)
            {
                new gm = GetGameMode(playerid), model = GetVehicleModel(inCarData[PR_vehicleId]);
                if((gm == GM_FREE && (model == 407 || model == 601)) || (gm == GM_CnR && (model == 425 || model == 520)))
                {
                    inCarData[PR_keys] &= ~(KEY_FIRE | KEY_ACTION);
                }
            }
            //---------------------------------------------------
            BS_SetWriteOffset(bs, 8);
            BS_WriteInCarSync(bs, inCarData);
            BS_ResetReadPointer(bs);
            BS_ResetWritePointer(bs);
        }
        case PASSENGER_SYNC:
        {
            if(IsWasted(playerid)) return Y_HOOKS_BREAK_RETURN_0;
            new health, armour;
            health = floatround(s_Health[playerid], floatround_floor);
            armour = floatround(s_Armour[playerid], floatround_floor);
            BS_SetWriteOffset(bs, 8 + 16 + 2 + 6 + 2 + 6);
            BS_WriteValue(
                bs,
                PR_UINT8, health,
                PR_UINT8, armour
            );
            BS_ResetWritePointer(bs);
        }
    }
    return 1;
}
Function BS_ResetWritePointer empties BitStream data. No reason to use it after BS_WriteValue, it is nonsense.
I think it is a cause of the issue.
without BS_ResetWritePointer, crashes in Windows
Are you sure?
Yes, I've tested again this code on Windows.
----------
Loaded log file: "server_log.txt".
----------
SA-MP Dedicated Server
----------------------
v0.3.7-R3, (C)2005-2019 SA-MP Team
[23/02/2021 08:19:23]
[23/02/2021 08:19:23] Server Plugins
[23/02/2021 08:19:23] --------------
[23/02/2021 08:19:23] Loading plugin: crashdetect.dll
[23/02/2021 08:19:23] CrashDetect v4.15.1 is OK.
[23/02/2021 08:19:23] Loaded.
[23/02/2021 08:19:23] Loading plugin: streamer.dll
[23/02/2021 08:19:23]
*** Streamer Plugin v2.9.4 by Incognito loaded ***
[23/02/2021 08:19:23] Loaded.
[23/02/2021 08:19:23] Loading plugin: sscanf.dll
[23/02/2021 08:19:23]
[23/02/2021 08:19:23] ===============================
[23/02/2021 08:19:23] sscanf plugin loaded.
[23/02/2021 08:19:23] Version: 2.8.3
[23/02/2021 08:19:23] (c) 2018 Alex "Y_Less" Cole
[23/02/2021 08:19:23] ===============================
[23/02/2021 08:19:23] Loaded.
[23/02/2021 08:19:23] Loading plugin: mysql.dll
[23/02/2021 08:19:23] >> plugin.mysql: R41-4 successfully loaded.
[23/02/2021 08:19:23] Loaded.
[23/02/2021 08:19:23] Loading plugin: pawnraknet.dll
[23/02/2021 08:19:23] [Pawn.RakNet]
| Pawn.RakNet 1.4.1 | 2016 - 2020
|--------------------------------
| Author and maintainer: urShadow
| Compiled: Jun 18 2020 at 14:19:11
|--------------------------------------------------------------
| Forum thread: https://forum.sa-mp.com/showthread.php?t=640306
|--------------------------------------------------------------
| Repository: https://github.com/urShadow/Pawn.RakNet
|--------------------------------------------------------------
| Wiki: https://github.com/urShadow/Pawn.RakNet/wiki
[23/02/2021 08:19:23] Loaded.
[23/02/2021 08:19:23] Loading plugin: filemanager.dll
[23/02/2021 08:19:23] ******************
[23/02/2021 08:19:23] ** FILE MANAGER **
[23/02/2021 08:19:23] ** Loaded **
[23/02/2021 08:19:23] ** Version 1.5 **
[23/02/2021 08:19:23] ******************
[23/02/2021 08:19:23] Loaded.
[23/02/2021 08:19:23] Loaded 6 plugins.
[23/02/2021 08:19:23]
[23/02/2021 08:19:23] Filterscripts
[23/02/2021 08:19:23] ---------------
[23/02/2021 08:19:23] Loading filterscript 'anticheat.amx'...
[23/02/2021 08:19:23]
[23/02/2021 08:19:23]
[23/02/2021 08:19:23]
[23/02/2021 08:19:23] =======================================
[23/02/2021 08:19:23] | |
[23/02/2021 08:19:23] | YSI version 4.00.0001 |
[23/02/2021 08:19:23] | By Alex "Y_Less" Cole |
[23/02/2021 08:19:23] | |
[23/02/2021 08:19:23] =======================================
[23/02/2021 08:19:23]
[23/02/2021 08:19:23] --- Anticheat v2.0 loaded successfully!
[23/02/2021 08:19:23] Loading filterscript 'objects.amx'...
[23/02/2021 08:19:23] Loading filterscript 'bases.amx'...
[23/02/2021 08:19:23] Loading filterscript 'rcon_cmds.amx'...
[23/02/2021 08:19:23] Loading filterscript 'HGps.amx'...
[23/02/2021 08:19:23] Loading filterscript 'Ints.amx'...
[23/02/2021 08:19:23] Loading filterscript 'mapfix.amx'...
[23/02/2021 08:19:23] MapFix by Nexius v3.9.4 loaded (filterscript version).
[23/02/2021 08:19:23] Loading filterscript 'is_android.amx'...
[23/02/2021 08:19:24] Loaded 8 filterscripts.
[23/02/2021 08:19:24]
[23/02/2021 08:19:24]
[23/02/2021 08:19:24]
[23/02/2021 08:19:24] =======================================
[23/02/2021 08:19:24] | |
[23/02/2021 08:19:24] | YSI version 4.00.0001 |
[23/02/2021 08:19:24] | By Alex "Y_Less" Cole |
[23/02/2021 08:19:24] | |
[23/02/2021 08:19:24] =======================================
[23/02/2021 08:19:24]
[23/02/2021 08:19:29] Conexao ao banco de dados MySQL efetuada com sucesso
[23/02/2021 08:19:31] Loaded 17 ZvH maps
[23/02/2021 08:19:31] Loaded 8 Battle Royale maps
[23/02/2021 08:19:31] Derby: Loaded 1 DEFAULT maps
[23/02/2021 08:19:31] Derby: Loaded 7 DD maps
[23/02/2021 08:19:31] Derby: Loaded 1 CW maps
[23/02/2021 08:19:31] Loaded 3 Shooter maps
[23/02/2021 08:19:31] DM Race: Loaded 0 Easy DM maps
[23/02/2021 08:19:31] DM Race: Loaded 0 Race DM maps
[23/02/2021 08:19:31] DM Race: Loaded 0 Hard DM maps
[23/02/2021 08:19:31] Loaded 11 Fall maps
[23/02/2021 08:19:31] Loaded 71 A/D maps
[23/02/2021 08:19:31]
[23/02/2021 08:19:31] |-------------------------------------------------------
[23/02/2021 08:19:31] |--- Multimode carregado com sucesso!
[23/02/2021 08:19:31] |-- Server v4.5
[23/02/2021 08:19:31] |-- (C) 2017 Stunts. Todos os direitos reservados
[23/02/2021 08:19:31] |-------------------------------------------------------
[23/02/2021 08:19:31]
[23/02/2021 08:19:31] Number of vehicle models: 123
[23/02/2021 08:19:48] [connection] incoming connection: 127.0.0.1:56702 id: 0
[23/02/2021 08:19:49] [join] [STT]Rodrigo[DN] has joined the server (0:127.0.0.1)
[23/02/2021 08:19:56] this prints before the crash
[23/02/2021 08:19:56] [debug] Server crashed due to an unknown error
[23/02/2021 08:19:56] [debug] Native backtrace:
[23/02/2021 08:19:56] [debug] #0 77c55e2c in ?? () from C:\Windows\SYSTEM32\ntdll.dll
[23/02/2021 08:19:56] [debug] #1 77c18786 in ?? () from C:\Windows\SYSTEM32\ntdll.dll
[23/02/2021 08:19:56] [debug] #2 00498f01 in ?? () from samp-server.exe
[23/02/2021 08:19:56] [debug] #3 00450046 in ?? () from samp-server.exe
[23/02/2021 08:19:56] [debug] #4 00491141 in ?? () from samp-server.exe
[23/02/2021 08:19:56] [debug] #5 0049127c in ?? () from samp-server.exe
[23/02/2021 08:19:56] [debug] #6 0048d4fb in ?? () from samp-server.exe
[23/02/2021 08:19:56] [debug] #7 0049b591 in ?? () from samp-server.exe
[23/02/2021 08:19:56] [debug] #8 0049b5a1 in ?? () from samp-server.exe
You are confusing something; the max for this packet is 456, not 552.
@Dmitriy51
Code from plugin include:
BS_ReadValue(
    bs,
    PR_UINT16, data[PR_lrKey],
    PR_UINT16, data[PR_udKey],
    PR_UINT16, data[PR_keys],
    PR_FLOAT3, data[PR_position],
    PR_FLOAT4, data[PR_quaternion],
    PR_UINT8, data[PR_health],
    PR_UINT8, data[PR_armour],
    PR_BITS, data[PR_additionalKey], 2,
    PR_BITS, data[PR_weaponId], 6,
    PR_UINT8, data[PR_specialAction],
    PR_FLOAT3, data[PR_velocity],
    PR_FLOAT3, data[PR_surfingOffsets],
    PR_UINT16, data[PR_surfingVehicleId],
    PR_INT16, data[PR_animationId],
    PR_INT16, data[PR_animationFlags]
);
8+16+16+16+(3*32)+(4*32)+8+8+2+6+8+(3*32)+(3*32)+16+16+16 = 552 (first 8 bits is packet ID)
You are right, I forgot data[PR_surfingOffsets]
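The size check described earlier in the thread ("check the size of the packet before writing it"), as an added example that is not code from the reporter or from the plugin. It assumes the BS_GetNumberOfBitsUsed native from the Pawn.RakNet include, that the write offset doubles as the stream length (as in RakNet's BitStream), and that returning 0 from OnIncomingPacket drops the packet; PatchHealthArmour is a hypothetical helper name.

```pawn
#include <a_samp>
#include <Pawn.RakNet>

// Values taken from the thread: PLAYER_SYNC is packet 207, and health sits
// after the packet ID, lrKey, udKey, keys, position and quaternion.
const PLAYER_SYNC = 207;
const ONFOOT_HEALTH_OFFSET = 8 + 16 + 16 + 16 + (3 * 32) + (4 * 32); // 280 bits
const HEALTH_ARMOUR_BITS = 8 + 8; // two PR_UINT8 values

// Server-side values, named as in the old code posted above.
static Float:s_Health[MAX_PLAYERS];
static Float:s_Armour[MAX_PLAYERS];

// Hypothetical helper: overwrite health/armour in place, but only when the
// received packet actually contains the bits being rewritten.
stock bool:PatchHealthArmour(BitStream:bs, offset, health, armour)
{
    new bitsUsed;
    BS_GetNumberOfBitsUsed(bs, bitsUsed);

    // A client can send a packet shorter than the expected layout.
    // Refuse to write instead of moving the offset past the received data.
    if (offset + HEALTH_ARMOUR_BITS > bitsUsed)
    {
        return false;
    }

    BS_SetWriteOffset(bs, offset);
    BS_WriteValue(
        bs,
        PR_UINT8, health,
        PR_UINT8, armour
    );

    // Assumption: the write offset is also the stream length, so put it back
    // where it was. Do not call BS_ResetWritePointer here; as noted in the
    // thread, it empties the BitStream data.
    BS_SetWriteOffset(bs, bitsUsed);
    return true;
}

public OnIncomingPacket(playerid, packetid, BitStream:bs)
{
    if (playerid == -1)
    {
        return 1; // same guard as the old code above
    }

    if (packetid == PLAYER_SYNC)
    {
        new health = floatround(s_Health[playerid], floatround_floor);
        new armour = floatround(s_Armour[playerid], floatround_floor);

        if (!PatchHealthArmour(bs, ONFOOT_HEALTH_OFFSET, health, armour))
        {
            // Truncated onfoot sync: drop it rather than rewrite it.
            printf("short PLAYER_SYNC from player %d dropped", playerid);
            return 0;
        }
    }
    return 1;
}
```

The same helper covers the PASSENGER_SYNC case from the old code by passing its offset (8 + 16 + 2 + 6 + 2 + 6) instead of the onfoot one.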