Character Limit
-
good point. I have our server set to automatically back up the Multiplayer folder once a week. Then FLPlayerCleaner automatically runs and cleans the player files. This way if somebody does lose all their loot I can always restore the char from backups and they can shuffle things around as needed.
-
I found that issue with the 0xFFFFFFFF bug in the player files plus the overloaded cargo hold. Seems to happen only if you push the limit past the max of 5 players per account. In my case though it only craps out their account and doesnt crash the server.
-
One other thing you should do. Is it possible that the player in question has corrupted or incompatible game files? You should have that player reinstall FL, probably the JFLP, and also the latest version of your mod. May not make a difference, but at least you’ll have ruled that out as the cause.
-
Well i know of the PlayerCleaner Tool. But that does not help really to avoid crashing the server.
The server crashes as soon as the player list gets displayed. The routine that causes the crash is the CharacterInfoReq routine from the remoteclient.dll. At least thats what i get while debugging the hook. Its reproducable but i cant seem to find a way to avoid this crash.
I could parse all files before the remoteclient.dll routine is called. But its wrong to simply remove the equipments from one char who has more than 99 equipments as its the sum that seems to play a matter here. Character limit for one account is currently 9 although is also crashes with 8 chars only. If i remove one char then everything is fine tho. I dont know yet how to start to get around - than just remove each equip from the cargo that is beyond 99. Although that may make some players unhappy ;D
Is there known what limit exists as it seems not to be only 99 equips and also not char limit based for one account.
;( Struggling
Edit:
Its getting a bit more confusing now. I counted all the equipments on this account that is causing the crash. And it is not near any of the mentioned limits at all - except that one char has more than 99 equipments. I tried to remove on char from the account and so it works even with the “bugged” char still is on the list.
Then i made all chars again available and removed the base_cargo entries from the player file and it works. Ok too much base_cargo entries seems to be a reason - yeah. BUT no. It even works if i fill up the cargo entries from the player file so base_cargo and cargo count and items again match. Then the player even has too much cargo items but the account is still working this way with all player chars and the server is not crashing. So my last assumption is that the difference allone in one player file may be reason to trigger a crash. Although i dont understand why removing one char file before has also solved the issue so the server is not crashed.Has anyone an idea where base_cargo and cargo entries are coming from and why in most cases they are the same lists?
-
CharacterInfoReq () contains buffer overflow vulnerability, and can crash the server, with 7… 12 characters per account, and many visited objects or cargo holds.
Try to reduce arguments, contains buffer size (integer), not less than on 12.remoteclient.dll
0x96b1: 00 28 00 00 -> f0 27 00 00
0x9707: 00 90 01 00 -> f0 8f 01 00
It’s workaround only, NOT best solution. -
Interesting, thanks!
-
I am not sure, it is possible remoteserver.dll contains the same vulnerability,
0x9ae5: 00 28 00 00 -> f0 27 00 00
Has fixed client-side crashes in one of cases. -
Jolly_Roger wrote:
I am not sure, it is possible remoteserver.dll contains the same vulnerability,
0x9ae5: 00 28 00 00 -> f0 27 00 00
Has fixed client-side crashes in one of cases.So I need to edit:
remoteclient.dll
0x96b1: 00 28 00 00 -> f0 27 00 00
0x9707: 00 90 01 00 -> f0 8f 01 00
0x9ae5: 00 28 00 00 -> f0 27 00 00then I can fixed those crashes, am I right?
-
remoteclient.dll
0x96b1: 00 28 00 00 -> f0 27 00 00
0x9707: 00 90 01 00 -> f0 8f 01 00
remoteserver.dll (!!!)
0x9ae5: 00 28 00 00 -> f0 27 00 00Try it…
-
Jolly_Roger wrote:
0x9707: 00 90 01 00 -> f0 8f 01 00
remoteserver.dll (!!!)
0x9ae5: 00 28 00 00 -> f0 27 00 00Try it…
Wow! very thanks for your reply and help. ^_^
-
Two incidents with character files in last time, it was necessary to reduce size up to:
d0 8f 01 00
d0 27 00 00 -
Jolly_Roger wrote:
Two incidents with character files in last time, it was necessary to reduce size up to:
d0 8f 01 00
d0 27 00 00Your mean that:
change
remoteclient.dll
0x9707: 00 90 01 00 -> f0 8f 01 00to
remoteclient.dll
0x9707: 00 90 01 00 -> f0 27 00 00am I right?
Sorry for that I can’t understand what your mean.
-
No, he means:
remoteclient.dll
0x96b1: 00 28 00 00 -> d0 27 00 00
0x9707: 00 90 01 00 -> d0 8f 01 00
remoteserver.dll
0x9ae5: 00 28 00 00 -> d0 27 00 00I tried rigging one of my accounts (added 100 guns to the cargo and all the visit/npc/system/base/holes lines from a completed save game), reducing the buffer size, and setting a write breakpoint at the new end, but it seemed to work fine. There are tests to detect overflow, so it’s probably a particular set of circumstances that’s causing the problem. Any chance I could get hold of a player file that exhibits this crash?
-
adoxa wrote:
No, he means:remoteclient.dll
0x96b1: 00 28 00 00 -> d0 27 00 00
0x9707: 00 90 01 00 -> d0 8f 01 00
remoteserver.dll
0x9ae5: 00 28 00 00 -> d0 27 00 00Thanks Adoxa, now I know how to do.
-
Two DLL-s must be patched.
remoteclient.dll
0x96b1: 00 28 00 00 -> d0 27 00 00
0x9707: 00 90 01 00 -> d0 8f 01 00
remoteserver.dll
0x9ae5: 00 28 00 00 -> d0 27 00 00remoteclient.dll is server interface to client.
remoteserver.dll is client interface to server. -
adoxa wrote:
Any chance I could get hold of a player file that exhibits this crash?I did not save problem character files, i shall publish them in case of more incident.
Necessary many character files, from many visited objects or cargo hold, the removal of any character file in account, solves a problem. -
yep and as far as i can tell the crashes are not connected to one char. Its more likely the combination of character in that account. Removing one char from an account solves the crash, editing one char solves the prob, but all this must not mandatorily point to the char that once is the root cause amongst the others from that account.
-
Hm, okay. BTW, have you tried looking at a packet dump? That might provide some data; in particular, look at packets having a size greater than 10238 ( = 0x2800, or 10190 = 0x27d0, less two) as they should be the ones going wrong (there’s a 10Ki buffer on the stack).