Make sure some strings coming from the client are actually null terminated.

KimLS 2014-02-10 21:00:25 -08:00
parent 51dff22b93
commit 1ec0add76f
2 changed files with 7 additions and 2 deletions


@ -1082,10 +1082,12 @@ void Client::ChannelMessageReceived(uint8 chan_num, uint8 language, uint8 lang_s
{
// Emotes for Underfoot and later.
// crash protection -- cheater
if (strlen(message) > 512)
message[1023] = '\0';
size_t msg_len = strlen(message);
if (msg_len > 512)
message[512] = '\0';
EQApplicationPacket* outapp = new EQApplicationPacket(OP_Emote, 4 + strlen(message) + strlen(GetName()) + 2);
EQApplicationPacket* outapp = new EQApplicationPacket(OP_Emote, 4 + msg_len + strlen(GetName()) + 2);
Emote_Struct* es = (Emote_Struct*)outapp->pBuffer;
char *Buffer = (char *)es;
Buffer += 4;
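Review bot: `msg_len` is captured before the truncation, so for a message longer than 512 bytes the `OP_Emote` packet is still sized for the untruncated length while only 512 bytes of text remain. The old expression called `strlen(message)` after the cut; to keep that behaviour the branch should refresh the cached value, e.g. `if (msg_len > 512) { message[512] = '\0'; msg_len = 512; }`. Whether the surplus bytes are zeroed depends on the `EQApplicationPacket` constructor, which is not visible here; if they are not, stale heap contents could be sent out with the emote. The unconditional `message[1023] = '\0';` also assumes `message` refers to a buffer of at least 1024 bytes, and since the function body starts and ends outside this hunk, that should be confirmed against its declaration.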


@ -7361,6 +7361,8 @@ void Client::Handle_OP_Emote(const EQApplicationPacket *app)
// Calculate new packet dimensions
Emote_Struct* in = (Emote_Struct*)app->pBuffer;
in->message[1023] = '\0';
const char* name = GetName();
uint32 len_name = strlen(name);
uint32 len_msg = strlen(in->message);
@ -11624,6 +11626,7 @@ void Client::Handle_OP_GMSearchCorpse(const EQApplicationPacket *app)
}
GMSearchCorpse_Struct *gmscs = (GMSearchCorpse_Struct *)app->pBuffer;
gmscs->Name[63] = '\0';
char errbuf[MYSQL_ERRMSG_SIZE];
char* Query = 0;
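Review bot: In `Handle_OP_Emote`, `in->message[1023] = '\0';` writes at a fixed offset into `app->pBuffer`, which is in bounds only if the packet has already been checked to be at least `sizeof(Emote_Struct)` bytes. No such check is visible in this hunk and the function starts above it, so that guard should be confirmed or added before the write. The same applies to `gmscs->Name[63] = '\0';` in `Handle_OP_GMSearchCorpse`, where the closing brace just above may belong to a size check that lies outside the hunk. Both indices would be safer derived from the field itself, e.g. `in->message[sizeof(in->message) - 1] = '\0';` and `gmscs->Name[sizeof(gmscs->Name) - 1] = '\0';`, assuming both are fixed-size arrays in their structs. Note too that `app` is a pointer to const, so the write modifies the received packet in place through the cast.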