There is a special packet that crashes the server. This fix closes that.
The wire-symmetric rdwr previously let any TCP peer drive
socket_list_t::rdwr / address_list_t::rdwr through an unbounded
allocation loop with a wire-supplied count, before the admin-auth
gate in execute() fired — one packet, server gone. The honest
statement is narrower than per-flag asymmetry: nwc_service_t is the
admin-tool <-> server channel, and an in-game multiplayer client
never legitimately exchanges one. Early-return on that side closes
the pre-auth server crash and the symmetric malicious-server push
at a joined client in one shot. SRVC_GET_BLACK_LIST patched together
with SRVC_GET_CLIENT_LIST.
Thank you, your work will certainly reduce the spurious server crashes. I was happy enough to get the network working, and happy for the extended interface from Dwachs. Since then, not many people looked at it.
Incorporated in r11961.