move exploit prevention and limits code out of serverauthentication, and have actual defs for CBasePlayer

author: BobTheBob9 <for.oliver.kirkham@gmail.com> 2022-07-12 14:05:02 +0100
committer: BobTheBob9 <for.oliver.kirkham@gmail.com> 2022-07-12 14:05:02 +0100
commit: 6ae30c9b15fcc200c7b642016e7adbfdf9b979f4 (patch)
tree: f645afba242a092e1e920582f37ae396e35b5e06 /NorthstarDLL/limits.cpp
parent: 1068b3daeb95322461e69a2d8f0203309bd22830 (diff)
download: NorthstarLauncher-6ae30c9b15fcc200c7b642016e7adbfdf9b979f4.tar.gz
NorthstarLauncher-6ae30c9b15fcc200c7b642016e7adbfdf9b979f4.zip
1 files changed, 185 insertions, 0 deletions
diff --git a/NorthstarDLL/limits.cpp b/NorthstarDLL/limits.cpp
new file mode 100644
index 00000000..051ed8f8
--- /dev/null
+++ b/NorthstarDLL/limits.cpp
@@ -0,0 +1,185 @@
+#include "pch.h"
+#include "limits.h"
+#include "hoststate.h"
+#include "r2client.h"
+#include "r2engine.h"
+#include "tier0.h"
+#include "serverauthentication.h"
+
+AUTOHOOK_INIT()
+
+ServerLimitsManager* g_pServerLimits;
+
+ConVar* Cvar_net_datablock_enabled;
+
+void ServerLimitsManager::AddPlayer(R2::CBasePlayer* player)
+{
+	PlayerLimitData limitData;
+	m_PlayerLimitData.insert(std::make_pair(player, limitData));
+}
+
+bool ServerLimitsManager::CheckStringCommandLimits(R2::CBasePlayer* player)
+{
+	if (CVar_sv_quota_stringcmdspersecond->GetInt() != -1)
+	{
+		// note: this isn't super perfect, legit clients can trigger it in lobby if they try, mostly good enough tho imo
+		if (Tier0::Plat_FloatTime() - m_PlayerLimitData[player].lastClientCommandQuotaStart >= 1.0)
+		{
+			// reset quota
+			m_PlayerLimitData[player].lastClientCommandQuotaStart = Tier0::Plat_FloatTime();
+			m_PlayerLimitData[player].numClientCommandsInQuota = 0;
+		}
+
+		m_PlayerLimitData[player].numClientCommandsInQuota++;
+		if (m_PlayerLimitData[player].numClientCommandsInQuota >
+			CVar_sv_quota_stringcmdspersecond->GetInt())
+		{
+			// too many stringcmds, dc player
+			return false;
+		}
+	}
+
+	return true;
+}
+
+bool ServerLimitsManager::CheckChatLimits(R2::CBasePlayer* player)
+{
+	if (Tier0::Plat_FloatTime() - m_PlayerLimitData[player].lastSayTextLimitStart >= 1.0)
+	{
+		m_PlayerLimitData[player].lastSayTextLimitStart = Tier0::Plat_FloatTime();
+		m_PlayerLimitData[player].sayTextLimitCount = 0;
+	}
+
+	if (m_PlayerLimitData[player].sayTextLimitCount >= Cvar_sv_max_chat_messages_per_sec->GetInt())
+		return false;
+
+	m_PlayerLimitData[player].sayTextLimitCount++;
+	return true;
+}
+
+AUTOHOOK(CNetChan__ProcessMessages, engine.dll + 0x2140A0, char, __fastcall, (void* self, void* buf))
+{
+	enum eNetChanLimitMode
+	{
+		NETCHANLIMIT_WARN,
+		NETCHANLIMIT_KICK
+	};
+
+	double startTime = Tier0::Plat_FloatTime();
+	char ret = CNetChan__ProcessMessages(self, buf);
+
+	// check processing limits, unless we're in a level transition
+	if (R2::g_pHostState->m_iCurrentState == R2::HostState_t::HS_RUN && Tier0::ThreadInServerFrameThread())
+	{
+		// player that sent the message
+		R2::CBasePlayer* sender = *(R2::CBasePlayer**)((char*)self + 368);
+
+		// if no sender, return
+		// relatively certain this is fine?
+		if (!sender || !g_pServerLimits->m_PlayerLimitData.count(sender))
+			return ret;
+
+		// reset every second
+		if (startTime - g_pServerLimits->m_PlayerLimitData[sender].lastNetChanProcessingLimitStart >= 1.0 ||
+			g_pServerLimits->m_PlayerLimitData[sender].lastNetChanProcessingLimitStart == -1.0)
+		{
+			g_pServerLimits->m_PlayerLimitData[sender].lastNetChanProcessingLimitStart = startTime;
+			g_pServerLimits->m_PlayerLimitData[sender].netChanProcessingLimitTime = 0.0;
+		}
+		g_pServerLimits->m_PlayerLimitData[sender].netChanProcessingLimitTime +=
+			(Tier0::Plat_FloatTime() * 1000) - (startTime * 1000);
+
+		if (g_pServerLimits->m_PlayerLimitData[sender].netChanProcessingLimitTime >=
+			g_pServerLimits->Cvar_net_chan_limit_msec_per_sec->GetInt())
+		{
+			spdlog::warn(
+				"Client {} hit netchan processing limit with {}ms of processing time this second (max is {})",
+				(char*)sender + 0x16,
+				g_pServerLimits->m_PlayerLimitData[sender].netChanProcessingLimitTime,
+				g_pServerLimits->Cvar_net_chan_limit_msec_per_sec->GetInt());
+
+			// never kick local player
+			if (g_pServerLimits->Cvar_net_chan_limit_mode->GetInt() != NETCHANLIMIT_WARN &&
+				strcmp(R2::g_pLocalPlayerUserID, sender->m_UID))
+			{
+				R2::CBaseClient__Disconnect(sender, 1, "Exceeded net channel processing limit");
+				return false;
+			}
+		}
+	}
+
+	return ret;
+}
+
+AUTOHOOK(ProcessConnectionlessPacket, engine.dll + 0x117800, bool, , (void* a1, R2::netpacket_t* packet))
+{
+	if (packet->adr.type == R2::NA_IP &&
+		(!(packet->data[4] == 'N' && Cvar_net_datablock_enabled->GetBool()) || !Cvar_net_datablock_enabled->GetBool()))
+	{
+		// bad lookup: optimise later tm
+		UnconnectedPlayerLimitData* sendData = nullptr;
+		for (UnconnectedPlayerLimitData& foundSendData : g_pServerLimits->m_UnconnectedPlayerLimitData)
+		{
+			if (!memcmp(packet->adr.ip, foundSendData.ip, 16))
+			{
+				sendData = &foundSendData;
+				break;
+			}
+		}
+
+		if (!sendData)
+		{
+			sendData = &g_pServerLimits->m_UnconnectedPlayerLimitData.emplace_back();
+			memcpy(sendData->ip, packet->adr.ip, 16);
+		}
+
+		if (Tier0::Plat_FloatTime() < sendData->timeoutEnd)
+			return false;
+
+		if (Tier0::Plat_FloatTime() - sendData->lastQuotaStart >= 1.0)
+		{
+			sendData->lastQuotaStart = Tier0::Plat_FloatTime();
+			sendData->packetCount = 0;
+		}
+
+		sendData->packetCount++;
+
+		if (sendData->packetCount >= g_pServerLimits->Cvar_sv_querylimit_per_sec->GetInt())
+		{
+			spdlog::warn(
+				"Client went over connectionless ratelimit of {} per sec with packet of type {}",
+				g_pServerLimits->Cvar_sv_querylimit_per_sec->GetInt(),
+				packet->data[4]);
+
+			// timeout for a minute
+			sendData->timeoutEnd = Tier0::Plat_FloatTime() + 60.0;
+			return false;
+		}
+	}
+
+	return ProcessConnectionlessPacket(a1, packet);
+}
+
+ON_DLL_LOAD_RELIESON("engine.dll", ServerLimits, ConVar, (HMODULE baseAddress))
+{
+	AUTOHOOK_DISPATCH()
+
+	g_pServerLimits = new ServerLimitsManager;
+
+	g_pServerLimits->CVar_sv_quota_stringcmdspersecond = new ConVar(
+		"sv_quota_stringcmdspersecond",
+		"60",
+		FCVAR_GAMEDLL,
+		"How many string commands per second clients are allowed to submit, 0 to disallow all string commands, -1 to disable");
+	g_pServerLimits->Cvar_net_chan_limit_mode =
+		new ConVar("net_chan_limit_mode", "0", FCVAR_GAMEDLL, "The mode for netchan processing limits: 0 = warn, 1 = kick");
+	g_pServerLimits->Cvar_net_chan_limit_msec_per_sec = new ConVar(
+		"net_chan_limit_msec_per_sec",
+		"0",
+		FCVAR_GAMEDLL,
+		"Netchannel processing is limited to so many milliseconds, abort connection if exceeding budget");
+	g_pServerLimits->Cvar_sv_querylimit_per_sec = new ConVar("sv_querylimit_per_sec", "15", FCVAR_GAMEDLL, "");
+	g_pServerLimits->Cvar_sv_max_chat_messages_per_sec = new ConVar("sv_max_chat_messages_per_sec", "5", FCVAR_GAMEDLL, "");
+
+	Cvar_net_datablock_enabled = R2::g_pCVar->FindVar("net_datablock_enabled");
+}
+\ No newline at end of file
author	BobTheBob9 <for.oliver.kirkham@gmail.com>	2022-07-12 14:05:02 +0100
committer	BobTheBob9 <for.oliver.kirkham@gmail.com>	2022-07-12 14:05:02 +0100
commit	6ae30c9b15fcc200c7b642016e7adbfdf9b979f4 (patch)
tree	f645afba242a092e1e920582f37ae396e35b5e06 /NorthstarDLL/limits.cpp
parent	1068b3daeb95322461e69a2d8f0203309bd22830 (diff)
download	NorthstarLauncher-6ae30c9b15fcc200c7b642016e7adbfdf9b979f4.tar.gz NorthstarLauncher-6ae30c9b15fcc200c7b642016e7adbfdf9b979f4.zip