Character Limit
-
Jolly_Roger wrote:
I am not sure, it is possible remoteserver.dll contains the same vulnerability,
0x9ae5: 00 28 00 00 -> f0 27 00 00
Has fixed client-side crashes in one of the cases.
So I need to edit:
remoteclient.dll
0x96b1: 00 28 00 00 -> f0 27 00 00
0x9707: 00 90 01 00 -> f0 8f 01 00
0x9ae5: 00 28 00 00 -> f0 27 00 00
then I can fix those crashes, am I right?
-
remoteclient.dll
0x96b1: 00 28 00 00 -> f0 27 00 00
0x9707: 00 90 01 00 -> f0 8f 01 00
remoteserver.dll (!!!)
0x9ae5: 00 28 00 00 -> f0 27 00 00
Try it…
-
Two incidents with character files recently; it was necessary to reduce the size to:
d0 8f 01 00
d0 27 00 00
-
Jolly_Roger wrote:
Two incidents with character files recently; it was necessary to reduce the size to:
d0 8f 01 00
d0 27 00 00
You mean that:
change
remoteclient.dll
0x9707: 00 90 01 00 -> f0 8f 01 00
to
remoteclient.dll
0x9707: 00 90 01 00 -> f0 27 00 00
am I right?
Sorry, I can’t understand what you mean.
-
No, he means:
remoteclient.dll
0x96b1: 00 28 00 00 -> d0 27 00 00
0x9707: 00 90 01 00 -> d0 8f 01 00
remoteserver.dll
0x9ae5: 00 28 00 00 -> d0 27 00 00
I tried rigging one of my accounts (added 100 guns to the cargo and all the visit/npc/system/base/holes lines from a completed save game), reducing the buffer size, and setting a write breakpoint at the new end, but it seemed to work fine. There are tests to detect overflow, so it’s probably a particular set of circumstances that’s causing the problem. Any chance I could get hold of a player file that exhibits this crash?
-
Two DLL-s must be patched.
remoteclient.dll
0x96b1: 00 28 00 00 -> d0 27 00 00
0x9707: 00 90 01 00 -> d0 8f 01 00
remoteserver.dll
0x9ae5: 00 28 00 00 -> d0 27 00 00
remoteclient.dll is the server’s interface to the client.
remoteserver.dll is the client’s interface to the server.
-
adoxa wrote:
Any chance I could get hold of a player file that exhibits this crash?
I did not save the problem character files; I shall publish them in case of another incident.
Many character files are necessary, with many visited objects or a full cargo hold; the removal of any character file in the account solves the problem.
-
Yep, and as far as I can tell the crashes are not connected to one char. It’s more likely the combination of characters in that account. Removing one char from an account solves the crash, editing one char solves the problem, but all this does not necessarily point to the char that is the root cause amongst the others from that account.
-
Hm, okay. BTW, have you tried looking at a packet dump? That might provide some data; in particular, look at packets having a size greater than 10238 ( = 0x2800, or 10190 = 0x27d0, less two) as they should be the ones going wrong (there’s a 10Ki buffer on the stack).
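Added example, not code from this thread or from the game: a small Python patcher that applies the final byte changes quoted above (offsets 0x96b1/0x9707 in remoteclient.dll, 0x9ae5 in remoteserver.dll) only after checking that the original bytes are present at each offset, so a different DLL build or an already-patched file is rejected rather than silently corrupted. The zero-filled stand-in DLL is constructed for the demonstration; `limit_value` decodes the constants to show the limit dropping from 0x2800 (10240) to 0x27d0 (10192), 48 bytes below the 10Ki buffer.

```python
import struct

# Offsets and values as quoted in the thread: "expected" is the original
# 4-byte little-endian constant, "new" the lowered replacement.
PATCHES = {
    "remoteclient.dll": [
        (0x96B1, bytes.fromhex("00280000"), bytes.fromhex("d0270000")),
        (0x9707, bytes.fromhex("00900100"), bytes.fromhex("d08f0100")),
    ],
    "remoteserver.dll": [
        (0x9AE5, bytes.fromhex("00280000"), bytes.fromhex("d0270000")),
    ],
}


def limit_value(raw: bytes) -> int:
    """Decode a 4-byte little-endian size constant the way the x86 code reads it."""
    return struct.unpack("<I", raw)[0]


def apply_patches(data: bytes, patches) -> bytes:
    """Return a patched copy of `data`; refuse to touch a file whose bytes don't match."""
    buf = bytearray(data)
    for offset, expected, new in patches:
        if len(expected) != len(new):
            raise ValueError(f"patch at {offset:#x} would change the file length")
        found = bytes(buf[offset:offset + len(expected)])
        if found != expected:
            # Wrong DLL version, or the patch has already been applied.
            raise ValueError(
                f"offset {offset:#x}: found {found.hex()}, expected {expected.hex()}")
        buf[offset:offset + len(new)] = new
    return bytes(buf)


def make_fake_dll(patches, size=0x10000) -> bytes:
    """Constructed stand-in for a DLL: zero-filled, original constants in place."""
    buf = bytearray(size)
    for offset, expected, _ in patches:
        buf[offset:offset + len(expected)] = expected
    return bytes(buf)


def patch_file(path: str, name: str) -> None:
    """Hypothetical helper: patch a real DLL on disk, keeping a .bak copy first."""
    with open(path, "rb") as f:
        original = f.read()
    patched = apply_patches(original, PATCHES[name])
    with open(path + ".bak", "wb") as f:
        f.write(original)
    with open(path, "wb") as f:
        f.write(patched)
```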