mirror of
https://github.com/OpenFusionProject/OpenFusion.git
synced 2024-11-25 22:40:16 +00:00
Validate cookie data
This commit is contained in:
parent
be99714495
commit
2b1a028b3d
@ -30,13 +30,17 @@ void CNLoginServer::handlePacket(CNSocket* sock, CNPacketData* data) {
|
|||||||
std::string userPassword((char*)login->szCookie_authid);
|
std::string userPassword((char*)login->szCookie_authid);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The std::string -> char* -> std::string maneuver should remove any
|
* Sometimes the client sends garbage cookie data.
|
||||||
* trailing garbage after the null terminator.
|
* Validate it as normal credentials instead of using a length check before falling back.
|
||||||
*/
|
*/
|
||||||
if (userLogin.length() == 0)
|
if (!CNLoginServer::isLoginDataGood(userLogin, userPassword)) {
|
||||||
|
/*
|
||||||
|
* The std::string -> char* -> std::string maneuver should remove any
|
||||||
|
* trailing garbage after the null terminator.
|
||||||
|
*/
|
||||||
userLogin = std::string(U16toU8(login->szID).c_str());
|
userLogin = std::string(U16toU8(login->szID).c_str());
|
||||||
if (userPassword.length() == 0)
|
|
||||||
userPassword = std::string(U16toU8(login->szPassword).c_str());
|
userPassword = std::string(U16toU8(login->szPassword).c_str());
|
||||||
|
}
|
||||||
|
|
||||||
bool success = false;
|
bool success = false;
|
||||||
int errorCode = 0;
|
int errorCode = 0;
|
||||||
|
Loading…
Reference in New Issue
Block a user