GiveNamedItemTracker
CBaseEntity *CCSPlayer::GiveNamedItem( const char *pszName, int iSubType )
File: game/server/cstrike/cs_player.cpp
Line 6679:
This extension serves the purpose of detouring GiveNamedItem so that each invocation of it may be logged and potentially blocked.
Zacade, Madness (null138) and me (jenz) oberserved since march 2024 how malicious players are capable of crashing the zombie escape server.
Our observations lead us to believe that its related to the malicious users spawning weapons that do not exist and hence crash the server.
Originally we tried to observe GiveNamedItem through DhookDetour using sourcepawn but what happened was that when a malicious user would use the exploit the sourcepawn implementation could not keep up, instead of directly crashing the server it would instead just freeze forever. Hence tracking it from sourcepawn appears infeasible and therefore this extension seems neccesary.
When the exploit is performed it also leaves us without any accelerator crash report despite the server crashing.
We furthermore concluded that the exploit must be useable by malicious users due to critical flaws in plugins that we run.
We never discovered the flaw that enables the exploit to crash the server but the extension will hopefully suffice instead.
