[kovarex] [1.1.21] Crash of server when scrolling blueprint book during sync

This subforum contains all the issues which we already resolved.
Post Reply
Long Handed Inserter
Long Handed Inserter
Posts: 53
Joined: Tue Dec 01, 2020 6:57 pm

[kovarex] [1.1.21] Crash of server when scrolling blueprint book during sync

Post by KeepResearchinSpoons »

a bug
What works:
The server crashes.
(vector detected and tested around 1.1.6 / Dec 2020)

err how?
just copy your bp storage 4mb+ to a second file, wipe the main one, join the server,
make a book you can scroll with a wheel pretty fast, (3+ prints),
put a book to your fast slot (WITHOUT COPYING IT; it has to refer to global lib)
(and yup you need to use a headless server so that "latency" is >0.000).

Now disconnect and swap bp to the BIG one, Join back. And while it is still in SYNC-bp-lib state start scrolling the book through with your wheel pretty fast.
The server should go down in seconds.

How to do it?
Here's a video for ya:
PoC YouTube video of a full MWE

I have the permission to go public on this in DM on this forum.
I have reported it before but with fewer details on how-to. (pretty long ago, not just yesterday)
The bug was also tested (once)(or well 4 times total probably inc initial discovery test) to work just "fine" on the populated comfy "prod" server of MF.
(night time)(sorry guys if got you any harm, the server save was requested, warnings issued, thanks Hana)

For server admins:
thanks to 1.1.9 patch (some client side fixes) logs show at least something! but it is still pretty unclear on "who exactly did this". However the method shown in video (no packet sniffers/gates) only works a few seconds after the sync of prints have started.
So temporal whitelists bots or a hard limit on map-download slots should mitigate the uncertainty on "who did this" quite a lot.
You don't have to nor need to set those limits but well just in case you need to do something real quick right this moment this is a possible hardening answer.
(there is another way to exploit this that escapes these limits but afaics it requires such advanced tools and rare skill that you won't be able to defend against these ppl anyways were they to go wild on you so just ignore it)

Posts: 25
Joined: Fri Sep 01, 2017 8:46 pm

Re: [1.1.21] Server crash when scrolling blueprint book during sync (BlueprintRecord.cpp:180 synchronised was not true)

Post by peet1993 »

Can reproduce both with a windows client on a linux headless instance and with a linux client on a windows server.
The logs and the large blueprint book I used are attached for easier reproduction. Blueprints are from factorioprints.com :D
(836.92 KiB) Downloaded 27 times
(33.18 KiB) Downloaded 29 times
(12.41 KiB) Downloaded 24 times

Factorio Staff
Factorio Staff
Posts: 8053
Joined: Wed Feb 06, 2013 12:00 am

Re: [kovarex] [1.1.21] Crash of server when scrolling blueprint book during sync

Post by kovarex »

Thanks for the report and for the easy to understand reproduction steps. It was a "walk in a park" to reproduce and fix the problem.

Fixed for the next release.

Post Reply

Return to “Resolved Problems and Bugs”