Serverlist v2: Crash

While messing with the limited functionality of the current listserver configuration I discovered a potential bug. It is unlikely anyone will be trying to connect with Graal v1.19, but this problem still may shed some light on a vulnerability or other area that needs attention. Launch a listserver v2 with or without MySQL support (I tested both builds) and point a Graal 1.19 client at it and attempt to connect. It will crash every time.

On a side note:
Graal 1.41r1 is the earliest client I’ve been able to successfully connect to my server with. I did connect with 1.39 after making modifications to the allowedversions config to make it allow everything even before NW, but that wasn’t pretty at all.

This is a little late for a followup, but how are you connecting with the Graal v1.19 client? Version 1.41 (or was it 1.4?) was the earliest client that supported a serverlist. Version 1.39 and earlier required you to manually enter in a server IP address.

Do you mean the v2.19 client? I could see how that would be an issue, as the v2.19 client used the v2.22 encryption scheme, but only supported bz2 compression. The 2.22 client has an extra byte that specifies how the packet is compressed (uncompressed, zip, bz2.) This byte doesn’t exist in 2.171 or 2.19 as they only use zip/bz2, respectively. I don’t know if the serverlist understands the 2.19 packet format (the gserver does.)

No, I was referring to Graal client v 1.19. It allows you to specify the server IP address. During the time I was testing older clients for the heck of it, I had a listserver v2 running and I mistakenly pointed the 1.19 client at the listserver port instead of the gserver I was also running. I noticed my mistake and also noticed that it caused serverlist to crash. After re-trying it to see if it was a coincidence, I discovered it caused the serverlist to crash again. Since then I tried testing this with GR listserver just to see if it was in fact a vulnerability, and it did not cause the GR listserver to crash, so I figured it was an issue with my build only and forgot about it. Anyway, not that anyone would use the 1.19 client or the ‘unlimited’ gserver that was released with it when 1.39 or newer is readily available, but I was just messing around and at the time thought this might be a vulnerability. You could test it if you are curious, but I think it was just a local issue on my end and I made a whole lot of something out of nothing as a result :smiley:

Well, there was at one point a bug that could crash the gserver/listserver when it tried to read a certain byte from a corrupted packet stream. It is possible you were using an old version of the listserver that didn’t have the bugfix. I’ll mark it as resolved.

this thread has too many words in it.

Arcain likes typing paragraphs of information that could be more easily said in a sentence or two.

yeah I’ve been called obama before… I think it was dangerless.

there it is… you both can suck it. fuck you very much :smiley:

ps: especially you chris