Bug Report
Title
Unauthenticated malformed message crashes central game loop (single-packet DoS)
Severity
Critical
Affected Component
AIDojoCoordinator/coordinator.py (equivalent to hinted netsecgame/game/agent_server.py flow)
Vulnerability Type
Denial of Service (DoS) via unhandled exception / logic error
Description
The coordinator accepts raw network input from agents and pushes it to run_game(). In run_game(), JSON parsing failures are logged but not handled safely. The code continues to match action.type even when Action.from_json(message) failed, leaving action undefined.
This raises UnboundLocalError and terminates the main action-processing coroutine. A single unauthenticated client can send one malformed message and stop action processing for all players.
Evidence (Code References)
AIDojoCoordinator/coordinator.py:422-428: parse exception is caught and only logged.AIDojoCoordinator/coordinator.py:429: match action.type is executed regardless of parse success.
Impact
- Full service-level DoS of gameplay processing.
- Affects all connected agents, not just attacker session.
- Exploitable remotely without authentication.
Reproduction
- Connect to the game TCP port as an agent client.
- Send invalid/non-JSON payload (or malformed action JSON).
- The server logs parse failure, then raises on
action.type.
run_game() task dies; coordinator stops processing subsequent actions.
Example payload:
Root Cause
Control flow uses action outside the success path of Action.from_json(). The exception handler does not continue, default action, or return an error response.
Suggested Fix
- After parse failure, immediately respond with
BAD_REQUEST and continue the loop.
- Wrap action dispatch (
match action.type) in a safe guard that only runs if parsing succeeded.
- Add regression test: malformed message must not crash
run_game() and must produce error response.
Why This Is The Most Serious Issue
This is a one-packet, unauthenticated, service-wide kill-switch against the central coordinator loop, making it higher impact than per-connection hangs or protocol robustness issues.
Bug Report
Title
Unauthenticated malformed message crashes central game loop (single-packet DoS)
Severity
Critical
Affected Component
AIDojoCoordinator/coordinator.py(equivalent to hintednetsecgame/game/agent_server.pyflow)Vulnerability Type
Denial of Service (DoS) via unhandled exception / logic error
Description
The coordinator accepts raw network input from agents and pushes it to
run_game(). Inrun_game(), JSON parsing failures are logged but not handled safely. The code continues tomatch action.typeeven whenAction.from_json(message)failed, leavingactionundefined.This raises
UnboundLocalErrorand terminates the main action-processing coroutine. A single unauthenticated client can send one malformed message and stop action processing for all players.Evidence (Code References)
AIDojoCoordinator/coordinator.py:422-428: parse exception is caught and only logged.AIDojoCoordinator/coordinator.py:429:match action.typeis executed regardless of parse success.Impact
Reproduction
action.type.run_game()task dies; coordinator stops processing subsequent actions.Example payload:
Root Cause
Control flow uses
actionoutside the success path ofAction.from_json(). The exception handler does notcontinue, defaultaction, or return an error response.Suggested Fix
BAD_REQUESTandcontinuethe loop.match action.type) in a safe guard that only runs if parsing succeeded.run_game()and must produce error response.Why This Is The Most Serious Issue
This is a one-packet, unauthenticated, service-wide kill-switch against the central coordinator loop, making it higher impact than per-connection hangs or protocol robustness issues.