CVE-2010-2534 (vulnerable 1.0.1 - fixed 1.0.3)

Short description: Denial of service (server) via infinite loop

Official CVE-2010-2534 entry at cve.mitre.org.

Related bug reports:

Related commits:

Patches: (sometimes more fuzz is needed to apply them)

When multiple commands are queued (at the server) for execution in the next game tick and a client joins, the server can get into an infinite loop.

With the default settings, triggering this bug is difficult (if not impossible); however, the larger the value of the “frame_freq” setting, the easier it is to trigger the bug.

To trigger this bug in a server, there must be enough activity on the server, that is, commands being sent to the server for execution. Furthermore, the joining client that triggers the bug must know the server password, if there is one, and there must be room for the new client.