Page MenuHomeFeedback Tracker

Ed
User

Projects

User does not belong to any projects.

User Details

User Since
Jun 26 2013, 1:12 AM (469 w, 3 d)

Recent Activity

May 10 2016

Ed added a comment to T69892: Mk20 name does not appear as expected in the info bar at the top right..

This comes from the displayName within the cfgFiles. Multiple backpacks and weapons have these errors. The displayName contains something like "localize "A3_bla_bla_bla"". Reported here http://feedback.arma3.com/view.php?id=11277

May 10 2016, 4:51 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

You are correct. It's not good at all. That's why it needs attention.

May 10 2016, 4:46 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

I suggest this not turn into an argument. I have done my part in revealing a white hat.

@Killzone_Kid: You have no insight about this matter. It's not about satisfying any hacker. It's about preventing them from using this to cause mischief.

@Raoul1234: I don't know how writing a file and using bandwidth meets up. But if Wikipedia's meaning about bandwidth is wrong, then have my sincerest apologies.

May 10 2016, 4:46 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

By using the following script, I made my file 100mb within a minute.

spammer = {
nameSpace1 = profileNamespace;
while {true} do
{
call compile format["
nameSpace1 setVariable ['var%1%2','%3'];
", floor(random(10000000)), floor(random(10000000)), "SPAM"];
};
};

while {true} do
{

  • spawn spammer;

sleep 0.1;
saveProfileNamespace;
};

At least some kind of user defined limit should be added to prevent things like this.

Remember, this has nothing to do with the network connection. It's local only.

May 10 2016, 4:46 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

I've tested this in my editor. It makes the file size go bigger by about 3kb per second. So imagine a hacker injecting this into a server using BIS_fnc_MP. You will play for about an hour on a server (or even more). Then your file will end at 3 x 60 x 60. Which is about 10mb. Not much. But imagine a hundred of these loops running in parallel.

May 10 2016, 4:46 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

You let the script happen client side. 5kb mission. Player won't even noticed it downloaded.

nameSpace1 = profileNamespace;
while {true} do
{
call compile format["
nameSpace1 setVariable ['var%1%2','%3'];
", floor(random(10000000)), floor(random(10000000)), "SPAM"];
saveProfileNamespace;
};

wich yea go figure doesn't need you to wait to download it.

May 10 2016, 4:46 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

What if you join a zombie server and it spams your file with random variables until it reaches 10GB in size?

May 10 2016, 4:46 AM · Arma 3
Ed added a comment to T69734: profileNamespace holds potential security (hacking) issues..

When you save data it has a little prefix saying what data type it is. So for instance if you save a String, it will add a STRING prefix to your data.

So when a number is processed when loaded, it should be converted from a stored string to a number.
Same with an array. If the process of creating an array would be similar to the following example:
array = call compile "[1, 2, 3]";

Then you can change the "[1, 2, 3]" to something like
"Admin = getPlayerUID player; [1, 2, 3];"

I also found in my data a stored value containing this:
hint format["%1", getDammage player];

That could easily be changed to any desired script of the evil doer.

I suggest using this feature only server side to prevent players from injecting data that you don't want them to.

May 10 2016, 4:46 AM · Arma 3
Ed edited Steps To Reproduce on T69734: profileNamespace holds potential security (hacking) issues..
May 10 2016, 4:46 AM · Arma 3
Ed edited Steps To Reproduce on T69636: Error for display name in cfgVehicles..
May 10 2016, 4:42 AM · Arma 3
Ed added a comment to T69631: Add scripting command to get the name of a player.

It even affects the multiplayer chat.

May 10 2016, 4:42 AM · Arma 3
Ed added a comment to T69618: Online (live) editor.

I thought about this exact same thing. I wanted to make an addon together with a mission that allows this. Now that you've suggested it, I will wait for a response first before I reinvent the wheel.

May 10 2016, 4:42 AM · Arma 3
Ed added a comment to T69566: HEMTT fuel tank hit boxes incorrect.

I reported it here.
http://feedback.arma3.com/view.php?id=11158
It's not only the HEMTT.

May 10 2016, 4:40 AM · Arma 3
Ed added a comment to T69560: BIS_fnc_MP doesn't execute on given player ID..

Seems like I looked at the wrong feature for the error. The player ID returns 5.3...+e4(some weird number). I guess that's what was wrong actually.

May 10 2016, 4:40 AM · Arma 3
Ed edited Steps To Reproduce on T69560: BIS_fnc_MP doesn't execute on given player ID..
May 10 2016, 4:40 AM · Arma 3
Ed edited Steps To Reproduce on T69518: getHit.
May 10 2016, 4:37 AM · Arma 3
Ed added a comment to T69517: Empty HitPoints in cfgVehicles.

Vehicles still returning 0 HitPoints:
PO-30 Orca
HEMTT Transport

Other issues:
Quadbike, Hunter, Ifrit and Strider does not return HitBody
Zamak only returns wheels.
Ifrit has HitReserveWheel, but it doesn't have a reserve wheel.

May 10 2016, 4:37 AM · Arma 3
Ed added a comment to T69517: Empty HitPoints in cfgVehicles.

Some hats from cfgWeapons can be worn, but has no model. (invisible hats)

May 10 2016, 4:37 AM · Arma 3
Ed added a comment to T69517: Empty HitPoints in cfgVehicles.

It's one of the dialogs in a mission I am busy developing.

May 10 2016, 4:37 AM · Arma 3
Ed edited Steps To Reproduce on T69517: Empty HitPoints in cfgVehicles.
May 10 2016, 4:37 AM · Arma 3
Ed edited Steps To Reproduce on T69236: Some building positions are buggy.
May 10 2016, 4:28 AM · Arma 3
Ed edited Steps To Reproduce on T69234: setVariable does not work on Locations..
May 10 2016, 4:28 AM · Arma 3
Ed added a comment to T69234: setVariable does not work on Locations..

Thank you for the info ceeeb. What would you suggest I do to keep information per location? Maybe an array that I need to spam with publicVariable?

May 10 2016, 4:28 AM · Arma 3
Ed added a comment to T68991: Enable Persistent Missions: onPlayerConnected and onPlayerDisconnected scripting commands are not stackable.

This function might just make onPlayerConnected obsolete.
http://community.bistudio.com/wiki/BIS_fnc_MP

May 10 2016, 4:15 AM · Arma 3
Ed edited Steps To Reproduce on T68875: Some objects don't react correctly to scripts.
May 10 2016, 4:11 AM · Arma 3
Ed edited Steps To Reproduce on T68708: Return all classes in array function..
May 10 2016, 4:05 AM · Arma 3
Ed edited Steps To Reproduce on T68705: Vehicle sights stuck at full zoom.
May 10 2016, 4:05 AM · Arma 3
Ed added a comment to T68684: Server will "Mission Failed" for no reason.

It happened on a simple Gun Game mission I created yesterday also with BASE respawns.

May 10 2016, 4:04 AM · Arma 3
Ed added a comment to T68534: official JavaScript support in Arma 3 engine.

Maybe if they enable javascript support in the dialogs at least.

May 10 2016, 3:58 AM · Arma 3
Ed added a comment to T62765: Shareable Editor Sessions / Simultaneous Mission Editing.

Will this be getting a yes/no answer from the devs?

May 10 2016, 12:15 AM · Arma 3

May 9 2016

Ed added a comment to T61934: setOvercast command not functioning.

I looked at the rate in which the overcast changes. Seems like it is set to about 2500 - 2700 seconds till the overcast is changed.

<code>
_initialOvercast = overcast;
_targetOvercast = 1;
0 setOvercast _targetOvercast;
_count = 0;
while {true} do
{
_over = overcast;
sleep 1;
hint parseText format["Current Overcast:%1<br/>Change in overcast per second:%2<br/>Time running(Seconds):%3<br/>Estimated time:%4",overcast, overcast - _over, _count, floor((_targetOvercast - _initialOvercast) / (overcast - _over))];
_count = _count + 1;
};

</pre>

these forums do not display my < b r / >

May 9 2016, 11:36 PM · Arma 3
Ed added a comment to T61934: setOvercast command not functioning.

Perhaps that 1 hour is the time in which the weather setting from within the mission editor changes to the forecasted weather setting.

May 9 2016, 11:36 PM · Arma 3