From 624ea1e233e2d78db6436efd978200ee1d40f131 Mon Sep 17 00:00:00 2001
From: shennetsind <shennetsind@54d463be-8e91-2dee-dedb-b68131a5f0ec>
Date: Tue, 20 Dec 2011 03:48:42 +0000
Subject: [PATCH] 1/2/3-letter char name creation exploit fix.

git-svn-id: https://svn.code.sf.net/p/rathena/svn/trunk@15169 54d463be-8e91-2dee-dedb-b68131a5f0ec
---
 src/char_sql/char.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/char_sql/char.c b/src/char_sql/char.c
index b1f4a1c940..410f813e3c 100644
--- a/src/char_sql/char.c
+++ b/src/char_sql/char.c
@@ -1293,7 +1293,12 @@ int check_char_name(char * name, char * esc_name)
 	// check length of character name
 	if( name[0] == '\0' )
 		return -2; // empty character name
-
+	/**
+	 * The client does not allow you to create names with less than 4 characters, however,
+	 * the use of WPE can bypass this, and this fixes the exploit.
+	 **/
+	if( strlen( name ) < 4 )
+		return -2;
 	// check content of character name
 	if( remove_control_chars(name) )
 		return -2; // control chars in name