CVE-2010-0406 (vulnerable 0.3.5 - fixed 1.0.1)

Short description: Denial of service (server) via leaking file descriptors

Official CVE-2010-0406 entry at

Related bug reports:

Related commits:

Patches: (sometimes more fuzz is needed to apply them)

Upon a client downloading the map from the server a file is allocated. If this download fails for any reason at the client side, e.g. lost connection or the player cancelling the download, a file descriptor is lost.

Repeating this process enough times can cause OpenTTD to run out of file descriptors and as a result crash OpenTTD.

The attached patches do not change network compatability at all.