GMS-2022-27: Unchecked validity of Facing values in PlayerActionPacket
Impact
A remote attacker may crash a server by sending PlayerActionPacket with invalid facing values (e.g. negative), specifically with START_BREAK or CRACK_BLOCK actions, or with a UseItemTransactionData (typically in InventoryTransactionPacket).
Patches
f126479c37ff00a717a828f5271cf8e821d12d6c
Workarounds
Using a plugin, cancel DataPacketReceiveEvent if the packet is PlayerActionPacket and the facing is outside the range 0-5 when receiving START_BREAK or CRACK_BLOCK actions, or UseItemTransactionData. However, beware that negative values may be legitimate in some cases.
For more information
If you have any questions or comments about this advisory:
- Email us at team@pmmp.io
References
Code Behaviors & Features
Detect and mitigate GMS-2022-27 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →