Mirroristas/rathena
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adjusted the exploit crashfix from r13678 to abort when invalid input is detected.

Browse Source 
Script text input packets of length 8 are now also invalid since there must be at least a zero byte (end of string) present.

git-svn-id: https://svn.code.sf.net/p/rathena/svn/trunk@13680 54d463be-8e91-2dee-dedb-b68131a5f0ec
This commit is contained in:
ultramage 2009-04-20 16:28:53 +00:00
parent 385f00682b
commit c7515f00d8
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/map/clif.c
View File

@ -9797,8 +9797,8 @@ void clif_parse_NpcStringInput(int fd, struct map_session_data* sd)
int npcid = RFIFOL(fd,4); int npcid = RFIFOL(fd,4);
const char* message = (char*)RFIFOP(fd,8); const char* message = (char*)RFIFOP(fd,8);
if( message_len < 0 ) if( message_len <= 0 )
message_len = 0; return; // invalid input
safestrncpy(sd->npc_str, message, min(message_len,CHATBOX_SIZE)); safestrncpy(sd->npc_str, message, min(message_len,CHATBOX_SIZE));
npc_scriptcont(sd, npcid); npc_scriptcont(sd, npcid);