Buffer Overrun again, wtf?

Results 1 to 6 of 6
  1. #1
    Proficient Member V_o_o_d_o_o is offline
    MemberRank
    Jun 2008 Join Date
    152Posts

    Buffer Overrun again, wtf?

    MLog:
    Code:
    GUNZ 1,0,0,290 launched. build (Jun 13 2007 10:25:37) 
    Log time (12/12/09 11:19:10)
    NON-Skip XTrapPatch
    CPU ID = GenuineIntel ( family = 15 , model = 6 , stepping = 5 ) @ 3000 MHz
    Display Device = Intel(R) 82945G Express Chipset Family ( vendor=8086 device=2772 subsys=2a57103c revision=2 )
    Display Driver Version = 7.14.0010.1461
    Windows = 6.0 Build 6002 , Service Pack 2 (2087564KB) :  ..
    Load XML from memory : system/locale.xml- SUCCESS
    Country : (BRZ), Language : (BRZ)
    Load XML from memory : system/gametypecfg.xml 
    Load Config from file : config.xml- FAIL
    Load XML from memory : system/system.xml- SUCCESS
    Load XML from memory : system/strings.xml(0x0016) - SUCCESS
    Load XML from memory : system/cserror.xml(0x0016) - SUCCESS
    Load XML from memory : system/messages.xml(0x0016) - SUCCESS
    InitializeNotify ok.
    WFog Enabled Device.
    Vertex Shader isn't supported
    device created.
    Video memory 124.000000 
    main : RGetLenzFlare()->Initialize() 
    InitialLoading success.
    interface Initialize success
    ZApplication::OnCreate : begin
    0(Primary Sound Driver): Hardware Mixing Not Supported
    1(Speakers (Realtek High Definition Audio)): Hardware Mixing Not Supported
    [[[getMaxChannel32]]]]
    LoadWave: Unknown file format
    LoadWave: Unknown file format
    LoadWave: Unknown file format
    LoadWave: Unknown file format
    
    -------------------> Sound Engine Create : 1.805000 
    
    sound engine create.
    Load XML from memory : System/tips.xml(0x0016)- SUCCESS
    start log bipmap
    end of load bitmaps2
    loading pictures : 1.084000 
    warning : bitmap btn_chk.png not found.
    warning : bitmap btn_chk.png not found.
    warning : bitmap frame_b.png not found.
    warning : bitmap frame_t.png not found.
    warning : bitmap tooltip_edge01.png not found.
    warning : bitmap gunz_logo_hq.png not found.
    warning : bitmap no_emblem.png not found.
    warning : bitmap gunz_logo_hq.png not found.
    warning : bitmap slot_head.tga not found.
    warning : bitmap slot_head.tga not found.
    warning : bitmap gunz_logo_hq.png not found.
    warning : bitmap gunz_logo_hq.png not found.
    warning : bitmap icon_gameroom.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap icon_gameroom_s.tga not found.
    warning : bitmap gunz_logo_hq.png not found.
    IDLResource Loading Success!!
    IDL resources : 0.342000 
    start InitInterface option
    Number of Display mode : 27
    Number of Display mode : 27
    end of InitInterface option ok
    Init maps : no Current ChannelRule 
    Screen Effect Manager Create : 0.165000 
    Screen effect manager create success.
    Effect manager create success.
    Client create success.
    game interface create success.
    
    -------------------> GameInterface Create : 6.954000 
    
    Load character.xml success,
    
    -------------------> Character Loading : 2.447000
    It worked fine until I uploaded to the VPS, then it downloaded a new one even though I already had the same one and it doesn't work now.

    Is there a damn virus on my VPS changing the runnable?
    Last edited by V_o_o_d_o_o; 12-12-09 at 08:20 PM.


  2. #2
    Proficient Member V_o_o_d_o_o is offline
    MemberRank
    Jun 2008 Join Date
    152Posts

    Re: Buffer Overrun again, wtf?

    We really need this fixed...

    Bump.

  3. #3

    Re: Buffer Overrun again, wtf?

    Quote Originally Posted by V_o_o_d_o_o View Post
    It worked fine until I uploaded to the VPS, then it downloaded a new one even though I already had the same one and it doesn't work now.

    Is there a damn virus on my VPS changing the runnable?
    You might want to scan the runnable.

  4. #4
    Proficient Member V_o_o_d_o_o is offline
    MemberRank
    Jun 2008 Join Date
    152Posts

    Re: Buffer Overrun again, wtf?

    Quote Originally Posted by Linear88 View Post
    You might want to scan the runnable.
    Done. Nothing.

    Sality Deleter removed a worm from the launcher; my fear is that it got to the VPS. The VPS is 64bit, we can't run the Win32 Sality Deleter.

  5. #5
    Account Upgraded | Title Enabled! Guy is offline
    MemberRank
    Apr 2009 Join Date
    919Posts

    Re: Buffer Overrun again, wtf?

    Quote Originally Posted by V_o_o_d_o_o View Post
    Done. Nothing.

    Sality Deleter removed a worm from the launcher; my fear is that it got to the VPS. The VPS is 64bit, we can't run the Win32 Sality Deleter.
    The launcher is frequently mislabeled as malware; this whole "Sality infected our files" bullshit seems like one huge false positive.

    If the VPS is x64, and the files it uses are x64, why would an x86 piece of malware be able to infect x64 files? Theoretically, different arch, it wouldn't be able to identify the new files to infect.

    Regardless, it sounds like you may have "broken" the launcher by trying to falsely repair it, unless the "repair" process ultimately did nothing.

    In either case, use the original files, or the most recent ones you have. I would guess using the Sality "remover" ended up corrupting some client files, fixing nothing.

    Malware isn't always perfect, most malware suspects don't have 500 ways to propagate over hundreds of protocols such as RDP, SSH, FTP, etc; most I've seen spread via the Windows home network file sharing setup, removable devices, etc.

    In short, it sounds like you have nothing to worry about.

  6. #6
    Proficient Member V_o_o_d_o_o is offline
    MemberRank
    Jun 2008 Join Date
    152Posts

    Re: Buffer Overrun again, wtf?

    Quote Originally Posted by Guy View Post
    The launcher is frequently mislabeled as malware; this whole "Sality infected our files" bullshit seems like one huge false positive.

    If the VPS is x64, and the files it uses are x64, why would an x86 piece of malware be able to infect x64 files? Theoretically, different arch, it wouldn't be able to identify the new files to infect.

    Regardless, it sounds like you may have "broken" the launcher by trying to falsely repair it, unless the "repair" process ultimately did nothing.

    In either case, use the original files, or the most recent ones you have. I would guess using the Sality "remover" ended up corrupting some client files, fixing nothing.

    Malware isn't always perfect, most malware suspects don't have 500 ways to propagate over hundreds of protocols such as RDP, SSH, FTP, etc; most I've seen spread via the Windows home network file sharing setup, removable devices, etc.

    In short, it sounds like you have nothing to worry about.
    It's completely random, half the time it works 100%, half the time it crashes at mesh and says buffer overrun.

    I doubt it has anything to do with the launcher, though our launcher really screwed up.

    For me it downloads needed updates after I use the installer, for other people it downloads every file in the update folder.

    Makes no sense.

    But back to buffer overrun...

    I had a theory that it was our custom fmod.dll; config.dll so I replace fmod.dll (which injects config.dll) with a plain one. The client worked fine running the executable, not a single problem. Though, I couldn't run the launcher to see if it has something to do with that because it would replace the different fmod, and I didn't want to put it in the updates without a confirmation that it was indeed the problem.

    Sadly, I put the old fmod.dll back in the client and the client has worked fine ever since. My current theory is that the client needs to run once with the plain fmod.dll, then put our new one in. Or just drop the new one altogether.

    Ironically, config.dll which fmod.dll was injecting was supposed to prevent hackers from giving buffer overruns to everyone in the current room.

    I did try to remove config.dll and see if it would work; it did a few times, other times it didn't.

    I still think it's that damn new fmod.dll, but without 100% confirmation I don't want to make it official.



Advertisement