nchebrov/azerothcore-wotlk
1
0
Fork 0
mirror of https://github.com/mod-playerbots/azerothcore-wotlk.git synced 2026-01-13 17:19:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(Core/AuthSocket): Added check for AuthFlooder (#2387)

Browse Source
This commit is contained in:
Stefano Borzì
2019-10-30 08:18:00 +01:00
committed by Stoabrogga
parent 3b67466d9c
commit ce30c08fbc
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/server/authserver/Server/AuthSocket.cpp
View File

@@ -208,6 +208,10 @@ void AuthSocket::OnRead()
{
#define MAX_AUTH_LOGON_CHALLENGES_IN_A_ROW 3
uint32 challengesInARow = 0;
#define MAX_AUTH_GET_REALM_LIST 10
uint32 challengesInARowRealmList = 0;
uint8 _cmd;
while (1)
{
@@ -224,6 +228,15 @@ void AuthSocket::OnRead()
return;
}
}
else if (_cmd == REALM_LIST) {
challengesInARowRealmList++;
if (challengesInARowRealmList == MAX_AUTH_GET_REALM_LIST)
{
sLog->outString("Got %u REALM_LIST in a row from '%s', possible ongoing DoS", challengesInARowRealmList, socket().getRemoteAddress().c_str());
socket().shutdown();
return;
}
}
size_t i;