fix(Core/AuthSocket): Added check for AuthFlooder (#2387)

2019-10-30 08:18:00 +01:00 · 2019-10-30 08:18:00 +01:00 · ce30c08fbc
commit ce30c08fbc
parent 3b67466d9c
1 changed files with 13 additions and 0 deletions
--- a/src/server/authserver/Server/AuthSocket.cpp
+++ b/src/server/authserver/Server/AuthSocket.cpp
@ -208,6 +208,10 @@ void AuthSocket::OnRead()
 {
    #define MAX_AUTH_LOGON_CHALLENGES_IN_A_ROW 3
    uint32 challengesInARow = 0;
+
+    #define MAX_AUTH_GET_REALM_LIST 10
+    uint32 challengesInARowRealmList = 0;
+
    uint8 _cmd;
    while (1)
    {
@ -224,6 +228,15 @@ void AuthSocket::OnRead()
                return;
            }
        }
+        else if (_cmd == REALM_LIST) {
+          challengesInARowRealmList++;
+          if (challengesInARowRealmList == MAX_AUTH_GET_REALM_LIST)
+          {
+              sLog->outString("Got %u REALM_LIST in a row from '%s', possible ongoing DoS", challengesInARowRealmList, socket().getRemoteAddress().c_str());
+              socket().shutdown();
+              return;
+          }
+        }

        size_t i;