Luigi Auriemma

Hello... yeah uh the patch for q3msgboom on jk2 does NOT work, BECAUSE the VM has NOTHING to do with it in jk2, LUIGI... IF YOU tested it on the LATEST version of JK2, then of course it wouldn't work because Ravensoft themselves patched it in 1.03 and 1.04. This may work on other games but not on Jedi Knight II: Jedi Outcast. On 1.02 it still does crashes the server, if you do "exec q3msgboom;exec q3msgboom;exec q3msgboom;exec q3msgboom" you must execute it 4 times in order for it to crash the server, one time doesn't work on JK2. I'm nearly done with the 1.02 patch.

I just thought you should know this anyone who plays JK2, and Luigi too because when I emailed him a while back he thought it worked. :)

JK2 1.04 is vulnerable to the q3msgboom bug: as described in my advisory, when the in-game attacker executes the proof-of-concept any client in the server (included himself) will be disconnected with the "CL_ParseServerMessage" error.

When you remove vsay (and any other command interested by the attack) from jk2mpgame.qvm the problem will no longer happen, as I have retested just in this moment.

What about you talk is not q3msgboom, but an older bug which (as you have said) has been fixed in 1.03 and 1.04.

So, please, don't make confusion between different bugs and, more important, the LATEST version is ever the ONLY one which must be considered.

tell me what is the older bug, when in 1.03 they patched it... and it got rid of the error.... removing the v in vsay wont work ive tried it myself... and it doesnt work before u patch it either, idk what ur running but everyone else i talk to has my problem not urs

also sense u've made a patch, could u send it to me so i may look at it, also try using it without the patch u've made on 1.04 then tell me ur results.

ok yeah ive analyzed 1.03 and 1.04 i geuss u are right on those, but on 1.02 if u delete the v in vsay nothing happens, if u change the command in the .cfg to SAY AAAAAAAAAAAA..... it still crashes, it doesnt crash if u execute it once, only if u execute it 4 times, so like this: "/exec q3msgboom;exec q3msgboom;exec q3msgboom;exec q3msgboom" and the error that the server gets is

********************ERROR: Netchan_Process: length = 16385********************
----- Server Shutdown -----
Sending heartbeat to masterjk2.ravensoft.com
Sending heartbeat to masterjk2.ravensoft.com
==== ShutdownGame ====
ShutdownGame:
------------------------------------------------------------
AAS shutdown.
---------------------------
DROPPED

so yeah, sorry i was wrong about the lastest version but was still right about 1.02, could u help? seriously there is no anti for q3msgboom in jk2 1.02 and some idiots gave it out to everybody, and it is literally killing jk2 1.02

uhmmm naaa I'm not interested in trying to fix something old which has been already patched officially.

Then this is not the q3msgboom bug, the PoC works also versus this bug but it's not the same problem.
Q3msgboom is only a client-side bug, the work-around must be applied on the server because clients cannot be patched or can be kicked by punkbuster or pure servers.

[quote="aluigi"]uhmmm naaa I'm not interested in trying to fix something old which has been already patched officially.

Then this is not the q3msgboom bug, the PoC works also versus this bug but it's not the same problem.
Q3msgboom is only a client-side bug, the work-around must be applied on the server because clients cannot be patched or can be kicked by punkbuster or pure servers.[/quote]

"...patched officially" ... uh.. "
Patches and workarounds made by me: unofficial bug fixes of the bugs I found"

it is indeed the exact copy of ur q3msgboom, jk2 1.02 has a different error than 1.04, and no in 1.02 it is more of a server and client, in 1.04 it is a client .... and seeing how u dont want to try 1.02, u wouldnt know what im talking about

1.03 and 1.04 are "official patches", so if you don't understand and don't want to understand (just what you are doing from the beginning of this useless thread) what someone writes this is only your problem.
Topic closed.