Merge pull request #570 from zerosum0x0/potential_makeplat

fix potential plat creation exploit
2025-12-13 06:21:28 +00:00 · 2016-11-06 16:10:43 -06:00 · 2016-11-06 16:10:43 -06:00 · e23fd269d5
commit e23fd269d5
parent 06e2f76c05 66f253553a
1 changed files with 6 additions and 0 deletions
--- a/zone/client_process.cpp
+++ b/zone/client_process.cpp
@ -1194,6 +1194,12 @@ void Client::OPMoveCoin(const EQApplicationPacket* app)
 	int32 *from_bucket = 0, *to_bucket = 0;
 	Mob* trader = trade->With();

+	// if amount < 0, client is sending a malicious packet
+	if (mc->amount < 0)
+	{
+		return;
+	}
+	
 	// could just do a range, but this is clearer and explicit
 	if
 	(