ruubi

Corsairs Online Sources Bug-List

Hello, before leaving ToP community for good, I want to release a list made by me and a friend, I hope this helps everyone, and I wish people can contribute and help each other with fixes for these bugs.
(Note: There might be bugs that don't happen in your client, we mentioned it there from others' experiences)
 

List by yagura2k(me) & Mothanna

AccountServer:
    * Sql-Injection. --mac change packet
    * Sending a big packet len -> a possible way of crash. --Change header of username login to 20k leads to crash
    
GameServer:
    * Case 2(CCharacter::ProcessPacket) -> can run lua cmds through here and have control over all the host as well(remove it, it is a backdoor)
    * Offline-Stall Crash. --This one has multi reasons, what we are talking here about memaddre co set it to -1 which is cause of the crash.
    * DoString Crash/lua51. -No info about this, it was nostring from debugger.
    * Gold-hack. --When you have locked states by lock inventory or locked by trade/stall and send sell packet to npc.
    * AfterEnterMap/BeforeLeaveMap Crash. --No info about this happened once
    * Long Item-string Crash. --Takeitem Additem if itemname > 32 len its overflow buffer and crash GameServer.
    * Item-click bug(You cannot consume or double-click items, you can but it's really hard to).
          -It's from the rightclick addon in gameserver made by co for new pet system, just remove it.
    * Switch Item with F1-F12 Bar -> If this gets spammed, it can crash the person who is standing besides you.
         -This not common happen only if u have 1 ping just keep switch weapon will crash all people around you
    * Guild-bank -> Moving items and spamming them, can lead to a GameServer crash, has to be checked. --Dupe while using boats, just check on it, and packet query size is 10.
    * MoveCity Crash. --Happens when have invalid birthcity.
    * Bag of Holding -> Has to be removed unless the code is re-written, it is broken.
    * Accept guild notice wrong message.
    * Mentoring while offline-stalling -> can lead to GameServer crash.
    
GateServer:
    * 03 Packet Crash. --Packet editor header its inside sdk server file packet len 66k
    * Disconnect by spamming loot.
    * Register Feature -> It is not safe to use unless there's captcha or cooldown for creating accounts.
    * ToProcess:OnClient Packet len crash. --WPE 6 len key has no check if its <6 so if its <6 gate crash.
    
GroupServer:
    * Create Pin-Code Sql-Injection. --This one is a clear known bug.
    * Pin Code Sql-Injection. -This one is a clear known bug.
    * Bag of Holding -> Has to be removed unless the code is re-written, it is broken.
    
Lua:
    * Analyze-dupe -> can be fixed by adding a check for locked item in analyze system.
    * Stalling locked item -> can be fixed by adding a check for locked items as well.
    * Lua51 has to be upgraded. --LUAJIT to 2.0.5.
    * MapUtil bug, can lead to a GameServer Freeze. --This is a theory.
    * Overall checks for everything for locked items, everything has to have a check if item is locked or not.
    * Star of Unity Formula & Rewards -> Urgent, has to be re-written and checked before launching the server.
    * Newbie Box Rewards -> Urgent as well, the rewards for every class has to be checked!(Encountered before, lv50 staff from lv25 newbie chest).
    * Experience system -> Has to be checked as well! Experience will most likely get bugged after level 35-45. --EXP system has exp jump on lv 79 to 91
    * Spawn points -> Has to be checked for teleporters. -same as MoveCity issue, if has invalid birth, its gonna crash.
    
    
    
Client:
    * Block system is not working, you block someone then if you relog, the block list gets wiped.
    * Using Guild-Colors/Forms -> not safe, this has been tested and you can crash everyone's client that sees your character.
    * Screenshot client crash. --Buffer overflow for 4k.
    * Trade-value wrong when buying something from NPC.
    * Client will crash while you use manu's. --When you have x1 manu left in your inventory and use it, it will crash your client.
    * Using some skills will make the character freeze & stuck or can be stunned forever as well.
    * MPTerrain Destructor Crash -> usually happens in PK with a good more or less amount of people(It can crash during randomly walking or teleporting as well).
    * Buffing someone or yourself -> leading for the character to die. --This happens due to the timer: when the timer becomes 1 or less and you use a skill on that person, it kills them; the fix has been pushed in top-recode.
    * Colour Notice Crash. --Happens due to visual studio upgrade.
    * Using guild-bank and spamming it can lead to a client crash.  --Happens due syn, a guild bank cool-down would work as a workaround fix.


Note 2: There might be more than these! If you know more, share it in this topic so others know about it!
Thank you ToP for all these years!
    

Edited by ruubi
  • Thanks 1
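
An added example, not part of the post above and not taken from the game's source: the "packet len" entries (AccountServer, GateServer) and the "Long Item-string Crash" entry come down to a missing bounds check before parsing or copying. The frame layout (2-byte big-endian total length), the `MAX_PACKET_LEN` value and the function names are assumptions made for illustration; the minimum of 6 and the 32-byte name buffer are the figures from the list.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MIN_PACKET_LEN 6     /* from the list: lengths below 6 crash the gate */
#define MAX_PACKET_LEN 4096  /* assumed cap; use the protocol's real maximum */
#define ITEM_NAME_CAP  32    /* from the list: names over 32 overflow the buffer */

enum frame_status { FRAME_OK = 0, FRAME_NEED_MORE = 1, FRAME_REJECT = -1 };

/* Validate the declared length of one frame before any field is read.
 * Assumed (hypothetical) layout: bytes 0-1 hold the total frame length,
 * big-endian, header included. */
enum frame_status check_frame(const uint8_t *buf, size_t avail, size_t *frame_len)
{
    if (avail < 2)
        return FRAME_NEED_MORE;
    size_t declared = ((size_t)buf[0] << 8) | buf[1];
    if (declared < MIN_PACKET_LEN || declared > MAX_PACKET_LEN)
        return FRAME_REJECT;        /* close the connection, do not parse */
    if (avail < declared)
        return FRAME_NEED_MORE;     /* wait for the rest, never read past avail */
    *frame_len = declared;
    return FRAME_OK;
}

/* Copy a client-supplied item name into a fixed 32-byte buffer.
 * Returns 0 on success, -1 if the name has no terminator within src_len
 * or does not fit. Oversized names are rejected rather than truncated. */
int copy_item_name(char dst[ITEM_NAME_CAP], const char *src, size_t src_len)
{
    const char *nul = memchr(src, '\0', src_len);
    if (nul == NULL)
        return -1;
    size_t n = (size_t)(nul - src);
    if (n >= ITEM_NAME_CAP)
        return -1;
    memcpy(dst, src, n + 1);        /* n + 1 <= 32, terminator included */
    return 0;
}
```

Both checks run before any handler sees the data, so a rejected frame or name never reaches the code paths the list describes as crashing.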


Sorry to hear that you are leaving the community for good.

Thanks for the great list of identified bugs. Can I ask how you curated this list? Did you find these bugs yourself? Did you run any static code analysers to find the buffer overflow bugs? And why on earth did you try to:

Switch Item with F1-F12 Bar -> If this gets spammed, it can crash the person who is standing besides you.


Hope to hear from you, DM can also.

3 hours ago, superNL said:

Sorry to hear that you are leaving the community for good.

Thanks for the great list of identified bugs. Can I ask how you curated this list? Did you find these bugs yourself? Did you run any static code analysers to find the buffer overflow bugs? And why on earth did you try to:

Switch Item with F1-F12 Bar -> If this gets spammed, it can crash the person who is standing beside you.


Hope to hear from you, DM can also.

yagura2k#1001 = laroi#1337 = yagura#2968 = ruubi = sonia elena negresca

one less scammer, there is nothing to regret

maybe I'll come back with another name lol

Edited by wolfenx
  • Like 1

Discord:Wolfen#1498

https://www.patreon.com/ReTop

18 hours ago, superNL said:

sorry to hear that you are leaving the community for good.

Thanks for the great list of identified bugs. Can I ask how you curated this list? Did you find these bugs yourself? Did you run any static code analysers to find the buffer overflow bugs? And why on earth did you try to:

Switch Item with F1-F12 Bar -> If this gets spammed, it can crash the person who is standing besides you.


Hope to hear from you, DM can also.

No, these bugs were found while x servers were running; there are more that have been fixed here and there.

And switch item is not really affected; it happens only at very low pings, mostly in local clients, and the switch happens due to co's new feature of switching items from the skill bar.
