Fixed friend adding exploit, bugreport:4629

git-svn-id: https://svn.code.sf.net/p/rathena/svn/trunk@15118 54d463be-8e91-2dee-dedb-b68131a5f0ec
2011-12-14 21:59:56 +00:00 · 2011-12-14 21:59:56 +00:00 · bc87e05c2d
commit bc87e05c2d
parent d6bfea6132
2 changed files with 10 additions and 2 deletions
--- a/src/map/clif.c
+++ b/src/map/clif.c
@ -12279,7 +12279,10 @@ void clif_parse_FriendsListAdd(int fd, struct map_session_data *sd)
 		clif_friendslist_reqack(sd, f_sd, 2);
 		return;
 	}
-		
+
+	f_sd->friend_req = sd->status.char_id;
+	sd->friend_req   = f_sd->status.char_id;
+
 	f_fd = f_sd->fd;
 	WFIFOHEAD(f_fd,packet_len(0x207));
 	WFIFOW(f_fd,0) = 0x207;
@ -12311,7 +12314,7 @@ void clif_parse_FriendsListReply(int fd, struct map_session_data *sd)
 	if (f_sd == NULL)
 		return;
 		
-	if (reply == 0)
+	if (reply == 0 || !( sd->friend_req == f_sd->status.char_id && f_sd->friend_req == sd->status.char_id ) )
 		clif_friendslist_reqack(f_sd, sd, 1);
 	else {
 		int i;
--- a/src/map/pc.h
+++ b/src/map/pc.h
@ -451,6 +451,11 @@ struct map_session_data {
 	unsigned int npc_idle_tick;
 #endif

+	/**
+	 * Guarantees your friend request is legit (for bugreport:6429)
+	 **/
+	int friend_req;
+
 	// temporary debugging of bug #3504
 	const char* delunit_prevfile;
 	int delunit_prevline;