mirror of
https://github.com/OpenFusionProject/OpenFusion.git
synced 2024-11-22 13:30:06 +00:00
Improve DB and Nano sanity checks
I'm aware that the DB checks still allow ID 0 items and Nanos, but the point of those is primarily to prevent invalid memory access.
This commit is contained in:
parent
04a17ed862
commit
217168fe50
@ -906,7 +906,7 @@ void Database::getPlayer(Player* plr, int id) {
|
|||||||
int slot = sqlite3_column_int(stmt, 0);
|
int slot = sqlite3_column_int(stmt, 0);
|
||||||
|
|
||||||
// for extra safety
|
// for extra safety
|
||||||
if (slot > AEQUIP_COUNT + AINVEN_COUNT + ABANK_COUNT) {
|
if (slot < 0 || slot > AEQUIP_COUNT + AINVEN_COUNT + ABANK_COUNT) {
|
||||||
std::cout << "[WARN] Database: Invalid item slot in db?! " << std::endl;
|
std::cout << "[WARN] Database: Invalid item slot in db?! " << std::endl;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@ -947,6 +947,10 @@ void Database::getPlayer(Player* plr, int id) {
|
|||||||
while (sqlite3_step(stmt) == SQLITE_ROW) {
|
while (sqlite3_step(stmt) == SQLITE_ROW) {
|
||||||
int slot = sqlite3_column_int(stmt, 0);
|
int slot = sqlite3_column_int(stmt, 0);
|
||||||
|
|
||||||
|
// for extra safety
|
||||||
|
if (slot < 0)
|
||||||
|
continue;
|
||||||
|
|
||||||
sItemBase* item = &plr->QInven[slot];
|
sItemBase* item = &plr->QInven[slot];
|
||||||
item->iType = 8;
|
item->iType = 8;
|
||||||
item->iID = sqlite3_column_int(stmt, 1);
|
item->iID = sqlite3_column_int(stmt, 1);
|
||||||
@ -969,7 +973,7 @@ void Database::getPlayer(Player* plr, int id) {
|
|||||||
int id = sqlite3_column_int(stmt, 0);
|
int id = sqlite3_column_int(stmt, 0);
|
||||||
|
|
||||||
// for extra safety
|
// for extra safety
|
||||||
if (id > NANO_COUNT)
|
if (id < 0 || id > NANO_COUNT)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
sNano* nano = &plr->Nanos[id];
|
sNano* nano = &plr->Nanos[id];
|
||||||
@ -1877,4 +1881,4 @@ void Database::recordCodeRedemption(int playerId, std::string code) {
|
|||||||
if (sqlite3_step(stmt) != SQLITE_DONE)
|
if (sqlite3_step(stmt) != SQLITE_DONE)
|
||||||
std::cout << "[WARN] Database: recording of code redemption failed: " << sqlite3_errmsg(db) << std::endl;
|
std::cout << "[WARN] Database: recording of code redemption failed: " << sqlite3_errmsg(db) << std::endl;
|
||||||
sqlite3_finalize(stmt);
|
sqlite3_finalize(stmt);
|
||||||
}
|
}
|
||||||
|
@ -240,7 +240,7 @@ void NanoManager::nanoPotionHandler(CNSocket* sock, CNPacketData* data) {
|
|||||||
|
|
||||||
#pragma region Helper methods
|
#pragma region Helper methods
|
||||||
void NanoManager::addNano(CNSocket* sock, int16_t nanoID, int16_t slot, bool spendfm) {
|
void NanoManager::addNano(CNSocket* sock, int16_t nanoID, int16_t slot, bool spendfm) {
|
||||||
if (nanoID >= NANO_COUNT)
|
if (nanoID <= 0 || nanoID >= NANO_COUNT)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
Player *plr = PlayerManager::getPlayer(sock);
|
Player *plr = PlayerManager::getPlayer(sock);
|
||||||
|
Loading…
Reference in New Issue
Block a user