Added sanity checks to pincode decryption (#8404)

Jittapan Pluemsumran 2024-06-11 03:03:49 +07:00 committed by GitHub
parent 92722db3ab
commit 9267c2bf8a
GPG Key ID: B5690EEEBB952194
3 changed files with 41 additions and 16 deletions


@ -2158,12 +2158,19 @@ int char_pincode_compare( int fd, struct char_session_data* sd, char* pin ){
}
}
void char_pincode_decrypt( uint32 userSeed, char* pin ){
bool char_pincode_decrypt( uint32 userSeed, char* pin ){
int i;
char tab[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
char *buf;
if (safestrnlen(pin, 4) != PINCODE_LENGTH)
return false;
for (i = 0; i < PINCODE_LENGTH; ++i) {
if (!ISDIGIT(pin[i]))
return false;
}
for( i = 1; i < 10; i++ ){
int pos;
uint32 multiplier = 0x3498, baseSeed = 0x881234;
@ -2184,6 +2191,8 @@ void char_pincode_decrypt( uint32 userSeed, char* pin ){
}
strcpy( pin, buf );
aFree( buf );
return true;
}
#endif
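Review bot: The new length guard in char_pincode_decrypt, `if (safestrnlen(pin, 4) != PINCODE_LENGTH)`, hard-codes the scan bound as 4 instead of deriving it from PINCODE_LENGTH. Assuming safestrnlen caps its result at the bound the way strnlen does, a bound equal to the expected length cannot tell an exact-length pin from a longer one, and if PINCODE_LENGTH is ever changed the literal makes the check reject every pin or scan too few bytes. The callers visible in this commit copy into zero-filled `PINCODE_LENGTH+1` buffers, so they always pass a terminated string of at most PINCODE_LENGTH bytes, but the function should not rely on that; `if (safestrnlen(pin, PINCODE_LENGTH + 1) != PINCODE_LENGTH)` keeps the check self-contained. A short comment above the function stating that it returns false, leaving `pin` untouched, when the input is not exactly PINCODE_LENGTH digits would also document the new contract. The body between the two hunks is outside the visible lines, so how the validated digits are used there could not be checked.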


@ -318,7 +318,7 @@ int char_family(int pl1,int pl2,int pl3);
int char_loadName(uint32 char_id, char* name);
int char_check_char_name(char * name, char * esc_name);
void char_pincode_decrypt( uint32 userSeed, char* pin );
bool char_pincode_decrypt( uint32 userSeed, char* pin );
int char_pincode_compare( int fd, struct char_session_data* sd, char* pin );
void char_auth_ok(int fd, struct char_session_data *sd);
void char_set_charselect(uint32 account_id);


@ -167,14 +167,20 @@ int chclif_parse_pincode_check( int fd, struct char_session_data* sd ){
char pin[PINCODE_LENGTH+1];
if( charserv_config.pincode_config.pincode_enabled==0 || RFIFOL(fd,2) != sd->account_id )
if( charserv_config.pincode_config.pincode_enabled==0 || RFIFOL(fd,2) != sd->account_id ) {
set_eof(fd);
return 1;
}
memset(pin,0,PINCODE_LENGTH+1);
strncpy((char*)pin, RFIFOCP(fd, 6), PINCODE_LENGTH);
RFIFOSKIP(fd,10);
char_pincode_decrypt(sd->pincode_seed, pin );
if (!char_pincode_decrypt(sd->pincode_seed, pin )) {
set_eof(fd);
return 1;
}
if( char_pincode_compare( fd, sd, pin ) ){
chclif_pincode_sendstate( fd, sd, PINCODE_PASSED );
}
@ -257,8 +263,10 @@ bool pincode_allowed( char* pincode ){
int chclif_parse_pincode_change( int fd, struct char_session_data* sd ){
FIFOSD_CHECK(14);
if( charserv_config.pincode_config.pincode_enabled==0 || RFIFOL(fd,2) != sd->account_id )
if( charserv_config.pincode_config.pincode_enabled==0 || RFIFOL(fd,2) != sd->account_id ) {
set_eof(fd);
return 1;
}
else {
char oldpin[PINCODE_LENGTH+1];
char newpin[PINCODE_LENGTH+1];
@ -269,10 +277,13 @@ int chclif_parse_pincode_change( int fd, struct char_session_data* sd ){
strncpy(newpin, RFIFOCP(fd,10), PINCODE_LENGTH);
RFIFOSKIP(fd,14);
char_pincode_decrypt(sd->pincode_seed,oldpin);
if (!char_pincode_decrypt(sd->pincode_seed,oldpin) || !char_pincode_decrypt(sd->pincode_seed,newpin)) {
set_eof(fd);
return 1;
}
if( !char_pincode_compare( fd, sd, oldpin ) )
return 1;
char_pincode_decrypt(sd->pincode_seed,newpin);
if( pincode_allowed(newpin) ){
chlogif_pincode_notifyLoginPinUpdate( sd->account_id, newpin );
@ -293,15 +304,20 @@ int chclif_parse_pincode_change( int fd, struct char_session_data* sd ){
int chclif_parse_pincode_setnew( int fd, struct char_session_data* sd ){
FIFOSD_CHECK(10);
if( charserv_config.pincode_config.pincode_enabled==0 || RFIFOL(fd,2) != sd->account_id )
if( charserv_config.pincode_config.pincode_enabled==0 || RFIFOL(fd,2) != sd->account_id ) {
set_eof(fd);
return 1;
}
else {
char newpin[PINCODE_LENGTH+1];
memset(newpin,0,PINCODE_LENGTH+1);
strncpy( newpin, RFIFOCP(fd,6), PINCODE_LENGTH );
RFIFOSKIP(fd,10);
char_pincode_decrypt( sd->pincode_seed, newpin );
if (!char_pincode_decrypt( sd->pincode_seed, newpin )) {
set_eof(fd);
return 1;
}
if( pincode_allowed(newpin) ){
chlogif_pincode_notifyLoginPinUpdate( sd->account_id, newpin );