From 340a8b5e0c821169977e2e471029c57e738620bb Mon Sep 17 00:00:00 2001 From: Alibek Omarov Date: Sat, 15 Feb 2025 06:26:13 +0300 Subject: [PATCH] engine: server: fixes for userinfo change ratelimiting * Add pentalty earlier * Increase disallowed timewindow according to penality multiplier * Allow first change even if it falls into ignore timewindow --- engine/server/sv_client.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/engine/server/sv_client.c b/engine/server/sv_client.c index 81fd6279..8735119a 100644 --- a/engine/server/sv_client.c +++ b/engine/server/sv_client.c @@ -1775,7 +1775,7 @@ static qboolean SV_ShouldUpdateUserinfo( sv_client_t *cl ) if( host.realtime < cl->userinfo_next_changetime + cl->userinfo_penalty * sv_userinfo_penalty_multiplier.value ) { // player changes userinfo too quick! ignore! - if( host.realtime < cl->userinfo_next_changetime ) + if( host.realtime < cl->userinfo_next_changetime && cl->userinfo_change_attempts > 0 ) { Con_Reportf( "%s: ignore userinfo update for %s: penalty %f, attempts %i\n", __func__, cl->name, cl->userinfo_penalty, cl->userinfo_change_attempts ); @@ -1786,15 +1786,15 @@ static qboolean SV_ShouldUpdateUserinfo( sv_client_t *cl ) } // they spammed too fast, increase penalty - if( cl->userinfo_change_attempts > sv_userinfo_penalty_attempts.value ) + if( cl->userinfo_change_attempts >= (int)sv_userinfo_penalty_attempts.value ) { - Con_Reportf( "%s: penalty set %f for %s\n", __func__, - cl->userinfo_penalty, cl->name ); cl->userinfo_penalty *= sv_userinfo_penalty_multiplier.value; cl->userinfo_change_attempts = 0; + + Con_Reportf( "%s: penalty set %f for %s\n", __func__, cl->userinfo_penalty, cl->name ); } - cl->userinfo_next_changetime = host.realtime + cl->userinfo_penalty; + cl->userinfo_next_changetime = host.realtime + cl->userinfo_penalty * sv_userinfo_penalty_multiplier.value; return allow; }