OpenPunk/OpenFusion
1
0
Fork 0
mirror of https://github.com/OpenFusionProject/OpenFusion.git synced 2024-11-22 05:20:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve DB and Nano sanity checks

Browse Source 
I'm aware that the DB checks still allow ID 0 items and Nanos, but the
point of those is primarily to prevent invalid memory access.
This commit is contained in:
dongresource 2021-01-27 02:27:08 +01:00
parent 04a17ed862
commit 217168fe50
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Database.cpp
View File

@ -906,7 +906,7 @@ void Database::getPlayer(Player* plr, int id) {
int slot = sqlite3_column_int(stmt, 0);
// for extra safety
if (slot > AEQUIP_COUNT + AINVEN_COUNT + ABANK_COUNT) {
if (slot < 0 || slot > AEQUIP_COUNT + AINVEN_COUNT + ABANK_COUNT) {
std::cout << "[WARN] Database: Invalid item slot in db?! " << std::endl;
continue;
}
@ -947,6 +947,10 @@ void Database::getPlayer(Player* plr, int id) {
while (sqlite3_step(stmt) == SQLITE_ROW) {
int slot = sqlite3_column_int(stmt, 0);
// for extra safety
if (slot < 0)
continue;
sItemBase* item = &plr->QInven[slot];
item->iType = 8;
item->iID = sqlite3_column_int(stmt, 1);
@ -969,7 +973,7 @@ void Database::getPlayer(Player* plr, int id) {
int id = sqlite3_column_int(stmt, 0);
// for extra safety
if (id > NANO_COUNT)
if (id < 0 || id > NANO_COUNT)
continue;
sNano* nano = &plr->Nanos[id];
@ -1877,4 +1881,4 @@ void Database::recordCodeRedemption(int playerId, std::string code) {
if (sqlite3_step(stmt) != SQLITE_DONE)
std::cout << "[WARN] Database: recording of code redemption failed: " << sqlite3_errmsg(db) << std::endl;
sqlite3_finalize(stmt);
}
}

2
src/NanoManager.cpp
View File

@ -240,7 +240,7 @@ void NanoManager::nanoPotionHandler(CNSocket* sock, CNPacketData* data) {
#pragma region Helper methods
void NanoManager::addNano(CNSocket* sock, int16_t nanoID, int16_t slot, bool spendfm) {
if (nanoID >= NANO_COUNT)
if (nanoID <= 0 || nanoID >= NANO_COUNT)
return;
Player *plr = PlayerManager::getPlayer(sock);