The Quake 3 engine has problems to handle big queries allowing an
attacker to shutdown any game server based on this engine:
ERROR: Info_SetValueForKey: oversize infostring
In some of the vulnerable games is also possible to crash the server.
Theres an universal patcher that limits the amount of handled
data in the queries from 1023 to 512 solving the problem in any game:
[url removed, login to view]
However, our game, Soldier of Fortune 2, is still vulnerable especially when having a mod added.
What we want is a solution to this problem. Either a fix or workaround.
One solution would of course be overlooking and fixed the game itself.
Another one an external program that limits the getstatus requests that is received by the server, in order to prevent if from getting flooded.
1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.
2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):
a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.
b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
Windows 2003 Server
Soldier of Fortune 2