1/2/3-letter char name creation exploit fix.

git-svn-id: https://svn.code.sf.net/p/rathena/svn/trunk@15169 54d463be-8e91-2dee-dedb-b68131a5f0ec
2011-12-20 03:48:42 +00:00 · 2011-12-20 03:48:42 +00:00 · 624ea1e233
commit 624ea1e233
parent 6c16fc0d39
1 changed files with 6 additions and 1 deletions
--- a/src/char_sql/char.c
+++ b/src/char_sql/char.c
@ -1293,7 +1293,12 @@ int check_char_name(char * name, char * esc_name)
 	// check length of character name
 	if( name[0] == '\0' )
 		return -2; // empty character name
-
+	/**
+	 * The client does not allow you to create names with less than 4 characters, however,
+	 * the use of WPE can bypass this, and this fixes the exploit.
+	 **/
+	if( strlen( name ) < 4 )
+		return -2;
 	// check content of character name
 	if( remove_control_chars(name) )
 		return -2; // control chars in name