lineage2/l2j_mobius
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RequestBuyItem exploit prevention.

Browse Source 
Contributed by G-hamsteR.
This commit is contained in:
MobiusDevelopment 2020-09-16 11:28:08 +00:00
parent b3ad481d97
commit 2723644d8c
2 changed files with 30 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
L2J_Mobius_C4_ScionsOfDestiny/java/org/l2jmobius/gameserver/network/clientpackets/RequestBuyItem.java
View File

@ -67,15 +67,26 @@ public class RequestBuyItem extends GameClientPacket
for (int i = 0; i < _count; i++)
{
final int itemId = readD();
_items[(i * 2) + 0] = itemId;
final long cnt = readD();
if ((cnt > Integer.MAX_VALUE) || (cnt < 0))
if (itemId < 1)
{
_count = 0;
return;
}
_items[(i * 2) + 0] = itemId;
_items[(i * 2) + 1] = (int) cnt;
final int count = readD();
if ((count > Integer.MAX_VALUE) || (count < 1))
{
_count = 0;
return;
}
if (count > 10000) // Count check.
{
getClient().getPlayer().sendMessage("You cannot buy more than 10.000 items.");
_count = 0;
return;
}
_items[(i * 2) + 1] = count;
}
}

19
L2J_Mobius_C6_Interlude/java/org/l2jmobius/gameserver/network/clientpackets/RequestBuyItem.java
View File

@ -67,15 +67,26 @@ public class RequestBuyItem extends GameClientPacket
for (int i = 0; i < _count; i++)
{
final int itemId = readD();
_items[(i * 2) + 0] = itemId;
final long cnt = readD();
if ((cnt > Integer.MAX_VALUE) || (cnt < 0))
if (itemId < 1)
{
_count = 0;
return;
}
_items[(i * 2) + 0] = itemId;
_items[(i * 2) + 1] = (int) cnt;
final int count = readD();
if ((count > Integer.MAX_VALUE) || (count < 1))
{
_count = 0;
return;
}
if (count > 10000) // Count check.
{
getClient().getPlayer().sendMessage("You cannot buy more than 10.000 items.");
_count = 0;
return;
}
_items[(i * 2) + 1] = count;
}
}