A 'Bag_Base' object contained inside the array of another 'Bag_Base' object causes a stack overflow when 'BIS_fnc_loadInventory' is called from the 'TapUse' function. This is due to a data type misalignment of the inventory array of a 'Bag_Base' object and is pushed to the server stack through the 'TapUse' call to 'BIS_fnc_loadInventory'. Arma3server.exe crashes with Exception code: C00000FD STACK_OVERFLOW at 00AXXXX.
Description
Details
- Legacy ID: 2786718395
- Severity: None
- Resolution: Open
- Reproducibility: Always
- Category: Game Crash
Steps To Reproduce
- Have two bags, one on the ground, one on the player.
- Open inventory, open bag inventory, drag other bag inside.
- Close inventory, reopen and drop the backpack containing the backpack.
- Open the inventory of the ground, double click and open bag.
- Attempt to move the inner bag to player backpack slot then close inventory.
- Use the 'Hand Grab' by aiming at the bag and pressing spacebar.
- Most times clients will freeze; every time the server will Z-line.
Additional Information
Found this link on Reddit, reported instantly.
Private because I'd like to stay pseudonymous and I don't want other players to see this critical exploit.