summaryrefslogtreecommitdiff
path: root/mesecons_hydroturbine
diff options
context:
space:
mode:
authorJeija <norrepli@gmail.com>2016-12-28 10:07:59 +0100
committerJeija <norrepli@gmail.com>2016-12-28 10:07:59 +0100
commit703e6fdadb5251b6f42e35f0f71f3094f5e15f75 (patch)
tree2f699fd54e574917be179a59749705b7355fce54 /mesecons_hydroturbine
parent67cd17aa799dd4d168e95f2c3ea80076371da26e (diff)
downloadmesecons-703e6fdadb5251b6f42e35f0f71f3094f5e15f75.tar
mesecons-703e6fdadb5251b6f42e35f0f71f3094f5e15f75.tar.gz
mesecons-703e6fdadb5251b6f42e35f0f71f3094f5e15f75.tar.bz2
mesecons-703e6fdadb5251b6f42e35f0f71f3094f5e15f75.tar.xz
mesecons-703e6fdadb5251b6f42e35f0f71f3094f5e15f75.zip
Luacontroller: Restrict digiline messages
Restrict maximum length of messages to 50.000 characters and disable sending functions or table references over the wire. Restrict types of channel variable to string, number or boolean. The missing length restriction made DoS-like attacks possible by overflowing memory using string concatenation. Thanks to gamemanj for disclosing this issue.
Diffstat (limited to 'mesecons_hydroturbine')
0 files changed, 0 insertions, 0 deletions