Page MenuHomeFeedback Tracker
Create Task
Maniphest T80622

Locality issue with CreateVehicleLocal
New, WishlistPublic
Actions

Description

Even tough CreateVehicleLocal should be only noticeable on client that executes it its Not. After effects (explosion) of an object is still Global. Making any hacker easily wipe a server without ANY logs. There is also fairly known way to bypass Script.txt that Im sure you are aware of.

Details

Legacy ID
1019699934
Severity
None
Resolution
Open
Reproducibility
Always
Category
Multiplayer
Steps To Reproduce

Simply execute this on any client connected to a server:

// 4000 letters of nothing here.
{

"Bomb_03_F" createVehicleLocal (getPos _x);

} forEach allUnits;

Any bomb would work.

Additional Information

Fix? : Make CreateVehicleLocal filters by CreateVehicle filter?

Event Timeline

Grim edited Steps To Reproduce. (Show Details)Jan 9 2015, 11:24 PM
Grim edited Additional Information. (Show Details)
Grim set Category to Multiplayer.
Grim set Reproducibility to Always.
Grim set Severity to None.
Grim set Resolution to Open.
Grim set Legacy ID to 1019699934.May 7 2016, 8:04 PM
Grim edited a custom field.
Manzarek added a subscriber: Manzarek.Sep 28 2018, 8:20 PM

So what can we do to protect server from this?
Using https://community.bistudio.com/wiki/CfgDisabledCommands will make flares, smoke, flash not working

© Bohemia Interactive a.s. Bohemia Interactive® is a registered trademark of Bohemia Interactive a.s. All rights reserved. · Privacy Policy · Terms and Conditions