From 536346da119a382657ffbe5cfdfeb8af5b6a4aa0 Mon Sep 17 00:00:00 2001 From: Regalis11 Date: Tue, 16 Apr 2024 18:00:23 +0300 Subject: [PATCH] v1.3.0.4 --- .../Networking/Primitives/Peers/P2POwnerPeer.cs | 13 +++++++++++-- Barotrauma/BarotraumaClient/LinuxClient.csproj | 2 +- Barotrauma/BarotraumaClient/MacClient.csproj | 2 +- Barotrauma/BarotraumaClient/WindowsClient.csproj | 2 +- Barotrauma/BarotraumaServer/LinuxServer.csproj | 2 +- Barotrauma/BarotraumaServer/MacServer.csproj | 2 +- Barotrauma/BarotraumaServer/WindowsServer.csproj | 2 +- .../BarotraumaShared/SharedSource/DebugConsole.cs | 2 +- Barotrauma/BarotraumaShared/changelog.txt | 6 ++++++ 9 files changed, 24 insertions(+), 9 deletions(-) diff --git a/Barotrauma/BarotraumaClient/ClientSource/Networking/Primitives/Peers/P2POwnerPeer.cs b/Barotrauma/BarotraumaClient/ClientSource/Networking/Primitives/Peers/P2POwnerPeer.cs index 537345b0c..f9b0d0081 100644 --- a/Barotrauma/BarotraumaClient/ClientSource/Networking/Primitives/Peers/P2POwnerPeer.cs +++ b/Barotrauma/BarotraumaClient/ClientSource/Networking/Primitives/Peers/P2POwnerPeer.cs @@ -1,4 +1,4 @@ -#nullable enable +#nullable enable using Barotrauma.Extensions; using Barotrauma.Steam; using System; 
@@ -152,7 +152,16 @@ namespace Barotrauma.Networking if (packetHeader.IsConnectionInitializationStep()) { - ConnectionInitialization initialization = peerPacketHeaders.Initialization ?? throw new Exception("Initialization step missing"); + if (peerPacketHeaders.Initialization == null) + { + //can happen if the packet is crafted in a way to leave the Initialization value as null + DebugConsole.ThrowErrorOnce( + $"P2POwnerPeer.OnP2PData:{remotePeer.Endpoint.StringRepresentation}", + $"Failed to initialize remote peer {remotePeer.Endpoint.StringRepresentation}: initialization step missing."); + CommunicateDisconnectToRemotePeer(remotePeer, PeerDisconnectPacket.WithReason(DisconnectReason.MalformedData)); + return; + } + ConnectionInitialization initialization = peerPacketHeaders.Initialization.Value; if (initialization == ConnectionInitialization.AuthInfoAndVersion && remotePeer.AuthStatus == RemotePeer.AuthenticationStatus.NotAuthenticated) { diff --git a/Barotrauma/BarotraumaClient/LinuxClient.csproj b/Barotrauma/BarotraumaClient/LinuxClient.csproj index d49b2ab21..f685198c3 100644 --- a/Barotrauma/BarotraumaClient/LinuxClient.csproj +++ b/Barotrauma/BarotraumaClient/LinuxClient.csproj @@ -6,7 +6,7 @@ Barotrauma FakeFish, Undertow Games Barotrauma - 1.3.0.3 + 1.3.0.4 Copyright © FakeFish 2018-2023 AnyCPU;x64 Barotrauma diff --git a/Barotrauma/BarotraumaClient/MacClient.csproj b/Barotrauma/BarotraumaClient/MacClient.csproj index 3d3148698..c71af10d6 100644 --- a/Barotrauma/BarotraumaClient/MacClient.csproj +++ b/Barotrauma/BarotraumaClient/MacClient.csproj @@ -6,7 +6,7 @@ Barotrauma FakeFish, Undertow Games Barotrauma - 1.3.0.3 + 1.3.0.4 Copyright © FakeFish 2018-2023 AnyCPU;x64 Barotrauma diff --git a/Barotrauma/BarotraumaClient/WindowsClient.csproj b/Barotrauma/BarotraumaClient/WindowsClient.csproj index f5f537757..0608b7d9d 100644 --- a/Barotrauma/BarotraumaClient/WindowsClient.csproj +++ b/Barotrauma/BarotraumaClient/WindowsClient.csproj 
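Review bot: The new null guard in the P2POwnerPeer.cs hunk covers only the missing `Initialization` header, while the removed `?? throw new Exception("Initialization step missing")` together with the changelog entry suggests that an exception raised while handling a remote peer's packet could crash the host. The method starts and ends outside this hunk, so it is not visible whether the other values read from the same untrusted packet are checked. It would be safer to route every parse or validation failure in this handler through one path that logs once and calls `CommunicateDisconnectToRemotePeer(remotePeer, PeerDisconnectPacket.WithReason(DisconnectReason.MalformedData))`, rather than fixing throw sites one at a time. The guard could also bind the value in one step with `if (peerPacketHeaders.Initialization is not { } initialization)`, which removes the later `.Value` access. The comment would read more clearly as `// Initialization comes from the remote peer's packet and may be absent; never throw here, disconnect the peer instead.`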
@@ -6,7 +6,7 @@ Barotrauma FakeFish, Undertow Games Barotrauma - 1.3.0.3 + 1.3.0.4 Copyright © FakeFish 2018-2023 AnyCPU;x64 Barotrauma diff --git a/Barotrauma/BarotraumaServer/LinuxServer.csproj b/Barotrauma/BarotraumaServer/LinuxServer.csproj index 5ce39bac1..a39539d07 100644 --- a/Barotrauma/BarotraumaServer/LinuxServer.csproj +++ b/Barotrauma/BarotraumaServer/LinuxServer.csproj @@ -6,7 +6,7 @@ Barotrauma FakeFish, Undertow Games Barotrauma Dedicated Server - 1.3.0.3 + 1.3.0.4 Copyright © FakeFish 2018-2023 AnyCPU;x64 DedicatedServer diff --git a/Barotrauma/BarotraumaServer/MacServer.csproj b/Barotrauma/BarotraumaServer/MacServer.csproj index 6fd38119a..dd5b22619 100644 --- a/Barotrauma/BarotraumaServer/MacServer.csproj +++ b/Barotrauma/BarotraumaServer/MacServer.csproj @@ -6,7 +6,7 @@ Barotrauma FakeFish, Undertow Games Barotrauma Dedicated Server - 1.3.0.3 + 1.3.0.4 Copyright © FakeFish 2018-2023 AnyCPU;x64 DedicatedServer diff --git a/Barotrauma/BarotraumaServer/WindowsServer.csproj b/Barotrauma/BarotraumaServer/WindowsServer.csproj index 2fe048e3d..b02ff43fb 100644 --- a/Barotrauma/BarotraumaServer/WindowsServer.csproj +++ b/Barotrauma/BarotraumaServer/WindowsServer.csproj @@ -6,7 +6,7 @@ Barotrauma FakeFish, Undertow Games Barotrauma Dedicated Server - 1.3.0.3 + 1.3.0.4 Copyright © FakeFish 2018-2023 AnyCPU;x64 DedicatedServer diff --git a/Barotrauma/BarotraumaShared/SharedSource/DebugConsole.cs b/Barotrauma/BarotraumaShared/SharedSource/DebugConsole.cs index dd6b41281..c30424c23 100644 --- a/Barotrauma/BarotraumaShared/SharedSource/DebugConsole.cs +++ b/Barotrauma/BarotraumaShared/SharedSource/DebugConsole.cs 
@@ -2615,7 +2615,7 @@ namespace Barotrauma /// /// Log the error message, but only if an error with the same identifier hasn't been thrown yet during this session. /// - public static void ThrowErrorOnce(string identifier, string errorMsg, Exception e) + public static void ThrowErrorOnce(string identifier, string errorMsg, Exception e = null) { if (loggedErrorIdentifiers.Contains(identifier)) { return; } ThrowError(errorMsg, e); diff --git a/Barotrauma/BarotraumaShared/changelog.txt b/Barotrauma/BarotraumaShared/changelog.txt index 9b3a8ee2f..3178f482c 100644 --- a/Barotrauma/BarotraumaShared/changelog.txt +++ b/Barotrauma/BarotraumaShared/changelog.txt @@ -1,3 +1,9 @@ +------------------------------------------------------------------------------------------------------------------------------------------------- +v1.3.0.4 +------------------------------------------------------------------------------------------------------------------------------------------------- + +- Fixed another exploit that allowed crashing servers by sending them specifically crafted malformed data. + ------------------------------------------------------------------------------------------------------------------------------------------------- v1.3.0.3 -------------------------------------------------------------------------------------------------------------------------------------------------
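Review bot: The summary on `ThrowErrorOnce` in the DebugConsole.cs hunk does not say how identifiers built from remote input behave, and the new caller in P2POwnerPeer.cs builds its identifier from a peer endpoint. The visible check `if (loggedErrorIdentifiers.Contains(identifier)) { return; }` suppresses every later report with the same identifier, so repeated malformed packets from one endpoint are logged only the first time in a session. Assuming the identifier is stored after the lines shown (the body continues outside the hunk), the set also gains one entry per distinct endpoint. I would add to the summary `/// Identifiers built from remote values (such as a peer endpoint) are remembered for the whole session; later errors with the same identifier are not logged.` If this file is compiled with nullable annotations enabled, the new default should be declared as `Exception? e = null`.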