-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Robustness issue in responses to 'request-input' events #173
Comments
Omikhleia
added a commit
that referenced
this issue
Jun 28, 2017
Just ensure clients provide the expected response payloads.
doughsay
added a commit
that referenced
this issue
Jun 30, 2017
Add robustness check to request-input responses #173
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sort of similar to #171, but for 'request-input' socket events (necessarily requiring a mis-behaving client, so in a sense 'less problematic').
Monkey testing.
Case 1 - Character selection:
A mis-behaving client can crash the game by providing a null or non-string selection.
Case 2 - Login, password issue
A mis-behaving client can crash the game by providing a null, undefined or non-string password.
Null password:
Non-string password, here an integer:
Case 3 - Login, username issue
A mis-behaving client can crash the game by providing a null, undefined or non-string username.
Null username:
Non-string password, here an integer:
Case 4 - Create (account creation), username issue
A mis-behaving client can crash the game by providing a null, undefined or non-string username. Same error signatures as previous case, just differing by line numbers.
For a null:
And 36:42 for a non-string (tested with integer), on username.trim too.
Case 5 - Create (account creation), password issue
Username is assumed to be valid and non-existent.
With password = password2= null:
And with integer:
Case 6 - Create (character creation), player name issue
Similar issues.
I just threw an empty object {} as response, here, to test with undefined.
Doh, feeling like a true monkey... Why haven't I automated those tests ? ':|
The text was updated successfully, but these errors were encountered: