This repository has been archived by the owner on Jan 13, 2022. It is now read-only.
Add upper limit for file size transfers (CVSS score: 4.0) #129
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a backport of a security relevant fix for RakNet which was brought to our attention by a user - see SLikeSoft#19 for details. The issue has already been fixed in SLikeNet 0.1.1 (see https://www.slikenet.com/).
We provide this backport for people who prefer to stick with the RakNet project and also in order to easier share this fix with other RakNet forks.
CVSS Base score: 4.3
CVSS Temporal score: 4.0
CVSS Overall score: 4.0
CVSS v3 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:F/RL:O/RC:C
The security implications are medium in our opinion. The issue only applies in applications which utilize the FileListTransfer class (f.e. used via the Autopatcher). When limiting the usage to the core functionality of RakNet, the app cannot be exploited via the vulnerability. If the app/game requires prior authentication, only authenticated users can exploit the vulnerability.
The problem surfaces by RakNet allowing unbound memory allocations when retrieving large files (up to 4GiB). If the allocation doesn't fail, RakNet will consume the amount of memory for as long as the file transfer takes. This can be used for DoS attacks ultimately trying to deplete the system resources on the server.
This pull requests adds a new compile time config value which should be defined to a reasonable value (f.e. 10 MB) based on the largest files which the game/app will transmit.