Empty UDP packets cause server crash

On the windows 10 BDS (this may effect other versions too) a crash can happen when a large amount of empty UDP packets hit the server.

0

The log "ATTENTION! Received EMPTY UDP packet - potential UDP ports scanning." will happen every time an empty UDP packet is sent. This can be exploited to crash the server by just throwing large amounts of empty packets at the server.

0

 

0

Details:

0

The Log message is sent via a printf call which is considered unsafe in the moder world.

0

My guess is to why this happens is that it takes a while to print in general, The packet thread is paused while this happens and a race condition.

0

The location of the call is in RakNetSocket2.cpp in the deps tree of the MCBE codebase (this effects normal clients afaik)

0

Fix:

0

To fix this all you have to do is remove this log and it drastically helps. This cant be fully fixed like that but it drops the performance tank that  happens when this attack happens.

0

 

0

Recreation:

0

A simple test is start a BDS instance and make a simple script/app to send as many UDP packets as you can to the server and it should crash quite quickly

On the windows 10 BDS (this may effect other versions too) a crash can happen when a large amount of empty UDP packets hit the server.

0

The log "ATTENTION! Received EMPTY UDP packet - potential UDP ports scanning." will happen every time an empty UDP packet is sent. This can be exploited to crash the server by just throwing large amounts of empty packets at the server.

0

 

0

Details:

0

The Log message is sent via a printf call which is considered unsafe in the moder world.

0

My guess is to why this happens is that it takes a while to print in general, The packet thread is paused while this happens and a race condition.

0

The location of the call is in RakNetSocket2.cpp in the deps tree of the MCBE codebase (this effects normal clients afaik)

0

Fix:

0

To fix this all you have to do is remove this log and it drastically helps. This cant be fully fixed like that but it drops the performance tank that  happens when this attack happens.

0

 

0

Recreation:

0

A simple test is start a BDS instance and make a simple script/app to send as many UDP packets as you can to the server and it should crash quite quickly

0

 

0

Showcase:

0I will attach below a video of it working and the script used to perform it

On the windows 10 BDS (this may effect other versions too) a crash can happen when a large amount of empty UDP packets hit the server.

0

The log "ATTENTION! Received EMPTY UDP packet - potential UDP ports scanning." will happen every time an empty UDP packet is sent. This can be exploited to crash the server by just throwing large amounts of empty packets at the server.

0

 

0

Details:

0

The Log message is sent via a printf call which is considered unsafe in the moder world.

0

My guess is to why this happens is that it takes a while to print in general, The packet thread is paused while this happens and a race condition.

0

The location of the call is in RakNetSocket2.cpp in the deps tree of the MCBE codebase (this effects normal clients afaik).

0

The function is "RakNet::RNS2_Berkley::RecvFromLoopInt". Only know this due to symbols being in the BDS. So reporting on these bugs may become harder

0

Fix:

0

To fix this all you have to do is remove this log and it drastically helps. This cant be fully fixed like that but it drops the performance tank that  happens when this attack happens.

0

 

0

Recreation:

0

A simple test is start a BDS instance and make a simple script/app to send as many UDP packets as you can to the server and it should crash quite quickly

0

 

0

Showcase:

0I will attach below a video of it working and the script used to perform it