Mirroristas/rathena
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adds buy/sell safety check for Market Shops (#7840)

Browse Source 
* Fixes #7191.
* Adds a buy and sell safety check from the Market Shop type.
* Also includes an item validation check when loading items from SQL for Market Shops.
Thanks to @mazvi!
This commit is contained in:
Aleos 2023-09-05 13:34:40 -04:00 committed by GitHub
parent 0f18869276
commit f4fa967991
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
npc/re/merchants/eden_market.txt
View File

@ -63,7 +63,7 @@ function script F_CoolDown {
- marketshop para_ref20 FAKE_NPC,984:200000:10,985:200000:100,987:240000:1,988:600000:1,989:1200000:1
- marketshop para_jew10 FAKE_NPC,969:100000:20,7289:50000:20,7290:50000:20,7291:50000:20,7292:50000:20,7293:50000:20,7294:50000:20,7295:50000:20,7296:50000:20,7297:50000:20
- marketshop para_jew10 FAKE_NPC,969:1000000:20,7289:500000:20,7290:500000:20,7291:500000:20,7292:500000:20,7293:500000:20,7294:500000:20,7295:500000:20,7296:500000:20,7297:500000:20
- marketshop para_alc10 FAKE_NPC,971:20000:20,972:12000:20,970:12000:20:7136:7000:20,7135:18000:20

15
src/map/npc.cpp
View File

@ -4121,7 +4121,7 @@ static const char* npc_parse_shop(char* w1, char* w2, char* w3, char* w4, const
ShowWarning("npc_parse_shop: Item %s [%u] is being sold for FREE in file '%s', line '%d'.\n",
id->name.c_str(), nameid2, filepath, strline(buffer,start-buffer));
}
if( type == NPCTYPE_SHOP && value*0.75 < id->value_sell*1.24 ) { // Exploit possible: you can buy and sell back with profit
if( ( type == NPCTYPE_SHOP || type == NPCTYPE_MARKETSHOP ) && value*0.75 < id->value_sell*1.24 ) { // Exploit possible: you can buy and sell back with profit
ShowWarning("npc_parse_shop: Item %s [%u] discounted buying price (%d->%d) is less than overcharged selling price (%d->%d) at file '%s', line '%d'.\n",
id->name.c_str(), nameid2, value, (int)(value*0.75), id->value_sell, (int)(id->value_sell*1.24), filepath, strline(buffer,start-buffer));
}
@ -4921,6 +4921,19 @@ static void npc_market_fromsql(void) {
Sql_GetData(mmysql_handle, 3, &data, NULL); list.qty = atoi(data);
Sql_GetData(mmysql_handle, 4, &data, NULL); list.flag = atoi(data);
std::shared_ptr<item_data> id = item_db.find(list.nameid);
if (id == nullptr) {
ShowWarning("npc_market_fromsql: Invalid sell item in table '%s' (id '%u').\n", market_table, list.nameid);
continue;
}
if (list.value * 0.75 < id->value_sell * 1.24) { // Exploit possible: you can buy and sell back with profit
ShowWarning("npc_market_fromsql: Item %s [%u] discounted buying price (%d->%d) is less than overcharged selling price (%d->%d) in table '%s'. Assigning to current sell value.\n",
id->name.c_str(), list.nameid, list.value, (int)(list.value * 0.75), id->value_sell, (int)(id->value_sell * 1.24), market_table);
list.value = id->value_sell;
}
RECREATE(market->list, struct npc_item_list, market->count+1);
market->list[market->count++] = list;
count++;