[Kde-games-devel] KBattleship network protocol reveals ship types
Albert Astals Cid
aacid at kde.org
Thu Mar 16 19:21:08 CET 2006
A Dijous 16 Març 2006 00:05, Stephen McCamant va escriure:
> While looking at the protocol that KBattleship uses for network games,
> I noticed an unexpected feature: in the ANSWER_SHOOT message that
> tells the opponent whether their shot was a hit or a miss, the client
> actually reveals some extra information. Because the "fieldstate"
> field of the message is taken directly from the return value of the
> shipTypeAt() method, it also reveals the type of ship that the shot
> hit.
>
> It seems to me that this was unintentional: in the GUI, the explosion
> you see doesn't indicate what length ship you hit (unless you've sunk
> it). However, knowing the length of the ship gives the player an
> advantage: for instance, depending on other shots you've made, it
> might let you deduce the ship's orientation when you otherwise
> couldn't.
>
> Having extra information in the protocol that isn't normally revealed
> makes it possible to cheat by modifying your client program. In the
> case of this information, the modification is pretty easy: I've
> appended a patch to the end of this message that demonstrates how to
> modify your copy of kbattleship to cheat by showing a ship icon rather
> than an explosion icon in the "enemy's board" area. (The patch is
> against the version in KDE 3.3.2 from Debian sarge, but probably can
> be applied to any recent version.)
>
> However, I'm not suggesting that the real kbattleship be modified to
> cheat in this way: I think that instead, the protocol should be
> changed to not reveal the extra information (except when you've sunk a
> ship, when it's revealed anyway). It looks like it would be compatible
> with existing clients to always return the same ship type for
> non-sinking hits.
>
> Does that sound like the right change to make? I'm looking into a
> patch to the KBattleshipWindow::slotSendEnemyFieldState method in the
> latest version from SVN that should fix it, but first I have to
> recompile the latest versions of some libraries to test with.
It would be nice if you could provide that patch yes.
Thanks :-)
Albert
P.S: I hope you are not trying to donwload SVN trunk (that will be KDE 4.0 but
branches/3.5) so we can fix that for KDE 3.5.3 and so on.
______________________________________________
LLama Gratis a cualquier PC del Mundo.
Llamadas a fijos y móviles desde 1 céntimo por minuto.
http://es.voice.yahoo.com
More information about the kde-games-devel
mailing list