Short description: Denial of service (server) via leaking file descriptors
Official CVE-2010-0406 entry at cve.mitre.org.
Related bug reports:
Related commits:
Patches: (sometimes more fuzz is needed to apply them)
Upon a client downloading the map from the server a file is allocated. If this download fails for any reason at the client side, e.g. lost connection or the player cancelling the download, a file descriptor is lost.
Repeating this process enough times can cause OpenTTD to run out of file descriptors and as a result crash OpenTTD.
The attached patches do not change network compatability at all.