MAP FTL/P
measles
Join Date: 2007-02-26 Member: 60122Members, Constellation
Join Date: 2007-02-26 Member: 60122Members, Constellation
<div class="IPBDescription">Adding maps</div>
Where is a safe place to download new maps?
Is there any site that anyone knows of that has them NOT in a RAR format?
It would be an idea to create a sticky to direct people to an Official Map Download Site. We wouldn't want any of our members getting infected by malicious *Happy Panda* downloading maps.
Where is a safe place to download new maps?
Is there any site that anyone knows of that has them NOT in a RAR format?
It would be an idea to create a sticky to direct people to an Official Map Download Site. We wouldn't want any of our members getting infected by malicious *Happy Panda* downloading maps.
Comments
Anyway, there aren't many maps around, and the ones that are out there you'll find in their own threads in the mapping-forum (probably with a download-link in the first-post).
<ul><li><b>ns2_triad</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=113658" target="_blank">Forum</a> <a href="http://www.super-nova-team.com/alex/ns2_triad26.rar" target="_blank">Download</a></li><li><b>ns2_descent</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=115041" target="_blank">Forum</a> <a href="http://dl.dropbox.com/u/43181294/ns2_descent_beta01.zip" target="_blank">Download</a></li><li><b>ns2_veil</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=114979" target="_blank">Forum</a> <a href="http://www.megaupload.com/?d=ROEC7Z5A" target="_blank">Download</a></li><li><b>ns2_junction</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=115172" target="_blank">Forum</a> <a href="http://www.mediafire.com/?2j4rx7pz1ybzafo" target="_blank">Download</a></li><li><b>ns2_turtle</b> <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=113440" target="_blank">Forum</a> <a href="http://dl.dropbox.com/u/42877240/ns2_turtle_b1.rar" target="_blank">Download</a></li></ul>
Lets say you are making a program that reads files(for whatever purpose). You assume a string is going to be null-terminated and at most 32 characters long, so when you make your program you just allocate 32 chars on the stack and read in characters from the file one by one until you encounter the null character.
As long as the file is properly formatted and the character string is actually no longer than 32 characters and null-terminated, this works just fine. But this is a "latent bug". If a malformed file with a string that is longer 32 characters is ever encountered you will overwrite random stuff on the stack(likely including the return adress!). If the file is malformated due to an error, it will probably just crash the application.
However, this type of bug is particularly nasty because it is a vulnerability that can often be exploited to allow an attacker to execute arbitrary code. Some tedious ###### can make a file with a string that is malformed in just the right way to overflow the character buffer and overwrite the return adress on the stack with a meaningful adress; when the function returns it does not end up at some random adress that is going to cause the application to crash; it ends up trying to execute the contents of the malformed file, which by design contains a trojan or something nasty.
Winrar 3.x had a number of such vulnerabilities, some of which turned out to be exploitable.
They want feedback on their map, I doubt they would put malware in their .rar files.
Also, Arga is currently working on a download section on our website. *Whip cracks*
If I remember correctly the most important vulnerability in winrar was a buffer overflow related to long path names.
I find this information you provided in this thread mighty interesting :)