Login

**Kalcor**

An SA-MP client update (0.3x-R2) will soon be available to address some security issues. It is being released in this section temporarily for testing.

Please don't use this thread to say 'thanks' etc. This thread is for feedback about the new client to make sure nothing is broken before it is released.

SA-MP 0.3x-R2 client update

An exploitable vector exists in client portion of SA-MP's TextDraw system. A malicious server owner might be able to execute arbitrary code on the SA-MP client by sending a specially crafted string.

This is normally only a problem if you join untrustworthy servers. So far we haven't seen any servers using the exploit against their players. It's still highly recommended that everyone update to this new client once it is released.

Fixes:

- Fixes buffer overflow in client portion of the TextDraw system.
- Fixes the game's improper handling of '~' format codes in TextDraws.
- Fixes for mouse control being lost when going between SA-MP and the GTA:SA (Esc) menu.
- Fixes the server browser's improper handling of malformed data from the server.

This pre-release client is being made available to test the fixes to the mouse control. On many systems, the mouse control will be lost when you enter the GTA:SA menu, and mouse control over the game will also be lost when you return from the menu. Many people have solved this problem using the 'mousefix.asi' addon, although this should no longer be needed.

Please report if you experience any problems with the new update.

Updates:

0.3x-R2 Client Pre-release 2:

- Fixes 'Range Check' error in server browser.
- Various TextDraw format code fixes.

Download:
0.3x-R2 Client (Pre-release 2)
0.3x-R2 Client (Pre-release 1)

DrTHE

After the update that was one TextDraw Green went on to appear white (there was no change in the script)

Before

After

source: http://forum.sa-mp.com/showthread.ph...55#post2846955

Meta · 03.01.2014, 00:05

Wow, finally that mouse problem is gone

Nice work, security updates are always good to have.

EDIT:
Now I experience a

when I try to join any server from the server browser.

FUNExtreme · 03.01.2014, 00:38

While testing this release I've come up to an error stating "Error: can't use k-codes in long string".
The error pops up with the FIRST string in the code below, the rest of the strings are included because even though some are longer, they do not give the error.

Note: The command in which this textdraw string is used has been in a public server for 2 weeks now (and a lot longer in testing), but not once has a player reported crashes caused by this.

Код:

{"Abandoned Airport~n~Bridge Jump~n~BMX Parkour~n~Dead Jump~n~Base Jump~n~Kermis Jump~n~Loop Ride~n~Roller Coaster~n~Roof Stunt~n~Clown Pocket Jump~n~Trampoline~n~Underground Jump~n~Underground Airport~n~Way To Death~n~Hop Da Hop~n~NRG Parkour 1~n~NRG Parkour 2~n~Small Jump~n~Drift 1~n~Drift 2"},
{"Drift 3~n~Drift 4~n~Drift 5~n~Drift 6~n~Drift 7~n~Drift 8~n~Drift 9~n~Drift 10~n~Arch Angels Tuning Shop~n~LocoLow Savanna Tuning Shop~n~Las Venturas Airport~n~Los Santos Airport~n~San Fierro Airport~n~Mount Chilliad~n~San Fierro~n~Los Santos~n~Las Venturas~n~Grove Street~n~Sky Road 1~n~Cool Jump"},
{"Water Jump 1~n~Water Jump 2~n~Huge Jump~n~SkatePark~n~Big Jump~n~Building Jump~n~Sky Road 2~n~The House~n~The Ship~n~Four Dragons Casino~n~Warehouse Deathmatch~n~Island Deathmatch~n~Police Deathmatch~n~Dam Deathmatch~n~Liberty Deathmatch~n~Base Deathmatch~n~Arena Deathmatch~n~Zombotech Deathmatch~n~Factory Deathmatch~n~Rooftop Deathmatch"},
{"Massive Jump~n~The First RSW Race~n~Las Venturas Race~n~San Fierro Madness~n~Hospital Race~n~Race Five~n~Beach Race~n~Casino Race~n~Area 51 Race~n~Escape Los Santos~n~Escape San Fierro~n~Chilliad Race~n~Offroad Race~n~San Fierro Drift~n~Channel Race~n~Maddog Race~n~vRock Hotel Race~n~Railroad Race~n~Damn Race~n~Las Venturas Highway"},
{"Las Venturas Drag~n~Kingring Race~n~Desert Race~n~San Fierro Drag~n~Los Santos Drag~n~County Drag~n~Jump Race~n~Catalina Race~n~Ranger Race~n~Beach Line Race~n~Los Santos Yards~n~NRG Race"}

d0 · 03.01.2014, 00:39

Quote:

Originally Posted by DrTHE

After the update that was one TextDraw Green went on to appear white (there was no change in the script)

Before

After

Could you provide code to reproduce this issue ?

Quote:

Originally Posted by FUNExtreme

While testing this release I've come up to an error stating "Error: can't use k-codes in long string".
The error pops up with the FIRST string in the code below, the rest of the strings are included because even though some are longer, they do not give the error.

Note: The command in which this textdraw string is used has been in a public server for 2 weeks now (and a lot longer in testing), but not once has a player reported crashes caused by this.

Код:

{"Abandoned Airport~n~Bridge Jump~n~BMX Parkour~n~Dead Jump~n~Base Jump~n~Kermis Jump~n~Loop Ride~n~Roller Coaster~n~Roof Stunt~n~Clown Pocket Jump~n~Trampoline~n~Underground Jump~n~Underground Airport~n~Way To Death~n~Hop Da Hop~n~NRG Parkour 1~n~NRG Parkour 2~n~Small Jump~n~Drift 1~n~Drift 2"},
{"Drift 3~n~Drift 4~n~Drift 5~n~Drift 6~n~Drift 7~n~Drift 8~n~Drift 9~n~Drift 10~n~Arch Angels Tuning Shop~n~LocoLow Savanna Tuning Shop~n~Las Venturas Airport~n~Los Santos Airport~n~San Fierro Airport~n~Mount Chilliad~n~San Fierro~n~Los Santos~n~Las Venturas~n~Grove Street~n~Sky Road 1~n~Cool Jump"},
{"Water Jump 1~n~Water Jump 2~n~Huge Jump~n~SkatePark~n~Big Jump~n~Building Jump~n~Sky Road 2~n~The House~n~The Ship~n~Four Dragons Casino~n~Warehouse Deathmatch~n~Island Deathmatch~n~Police Deathmatch~n~Dam Deathmatch~n~Liberty Deathmatch~n~Base Deathmatch~n~Arena Deathmatch~n~Zombotech Deathmatch~n~Factory Deathmatch~n~Rooftop Deathmatch"},
{"Massive Jump~n~The First RSW Race~n~Las Venturas Race~n~San Fierro Madness~n~Hospital Race~n~Race Five~n~Beach Race~n~Casino Race~n~Area 51 Race~n~Escape Los Santos~n~Escape San Fierro~n~Chilliad Race~n~Offroad Race~n~San Fierro Drift~n~Channel Race~n~Maddog Race~n~vRock Hotel Race~n~Railroad Race~n~Damn Race~n~Las Venturas Highway"},
{"Las Venturas Drag~n~Kingring Race~n~Desert Race~n~San Fierro Drag~n~Los Santos Drag~n~County Drag~n~Jump Race~n~Catalina Race~n~Ranger Race~n~Beach Line Race~n~Los Santos Yards~n~NRG Race"}

Same issue here. Must be an issue with the detection of k-codes as the strings you provided don't contain any of these.

Redirect Left · 03.01.2014, 01:00

this update breaks some of the colors on my server, although why I have no idea why. Would you like to tell me proper usage of colors, so I can figure out why it doesn't work and where I am going wrong?

d0 · 03.01.2014, 01:11

Quote:

Originally Posted by Redirect Left

this update breaks some of the colors on my server, although why I have no idea why. Would you like to tell me proper usage of colors, so I can figure out why it doesn't work and where I am going wrong?

Could you provide an example ? (with pictures ?)

xeeZ · 03.01.2014, 01:43

Quote:

Originally Posted by Meta

Wow, finally that mouse problem is gone

Nice work, security updates are always good to have.

EDIT:
Now I experience a

when I try to join any server from the server browser.

Same error here (Windows 8.1), can't connect even to localhost

Mandrakke · 03.01.2014, 10:40

Quote:

Originally Posted by d0

Could you provide code to reproduce this issue ?

Same issue here. Must be an issue with the detection of k-codes as the strings you provided don't contain any of these.

Here is the portion of code you need to reproduce the error:

pawn Код:

new DiasDaSemanaX[7][10] = {
    "Domingo",
    "Segunda",
    "Terca",
    "Quarta",
    "Quinta",
    "Sexta",
    "Sabado"
};

pawn Код:

new Text:Relogio;

pawn Код:

new irelogio[64];

pawn Код:

Relogio=TextDrawCreate(610,10,"00:00");
    TextDrawLetterSize(Relogio,0.5,1.8);
    TextDrawFont(Relogio,3);
    TextDrawAlignment(Relogio,3);
    TextDrawBackgroundColor(Relogio,0x000000FF);
    TextDrawSetOutline(Relogio,1);
        TextDrawBoxColor(Relogio, 0x000000FF);
        TextDrawSetShadow(Relogio,1);

pawn Код:

format(irelogio,sizeof(irelogio),"~g~%s ~n~0%d:0%dhs",DiasDaSemanaX[DiaDaSemana],Hrs,Min); //Replace DiasDaSemanaX[DiaDaSemana] to DiasDaSemanaX[3] or other array item.

pawn Код:

if(strlen(irelogio)) TextDrawSetString(Relogio,irelogio);

pawn Код:

public OnPlayerSpawn(playerid)
{
    TextDrawShowForPlayer(playerid,Relogio);
}

Sorry about the delay, ich habe keine Zeit

iZN · 03.01.2014, 19:32

Quote:

Originally Posted by xeeZ

Same error here (Windows 8.1), can't connect even to localhost

Same issue, using Windows 8 Pro x64.

d0 · 15.01.2014, 21:23

Quote:

Originally Posted by ikey07

Any possible dates when this version could be officially released?

Check http://sa-mp.com/download.php (Client 0.3x R2)

ikey07 · 15.01.2014, 23:08

Oh thanks, this topic should be moved to News and Updates, thats why I was wondering why players complain that they can't connect, as I kicked players who didn't used R1-2 version

IvanAyuso · 16.01.2014, 12:05

Quote:

Originally Posted by d0

Check http://sa-mp.com/download.php (Client 0.3x R2)

And it's totally official and is well tested without errors?

**dugi** · 16.01.2014, 12:12

Quote:

Originally Posted by IvanAyuso

And it's totally official and is well tested without errors?

It is

Locky_ · 31.01.2014, 15:21

Quote:

Originally Posted by d0

Check http://sa-mp.com/download.php (Client 0.3x R2)

d0, forgot to update the server (0.3x R2 patch1) for download in http://sa-mp.com/download.php

Login
Username:
Password:	Lost Password?
	Remember me