diff options
| author | Hello=) <hello@themanaworld.org> | 2022-12-15 17:42:22 +0300 |
|---|---|---|
| committer | Hello=) <hello@themanaworld.org> | 2022-12-15 17:42:22 +0300 |
| commit | e42f76d0b0f4d2ec3a9008979267311f5246fb22 (patch) | |
| tree | 03471f36b6326c31b12dc0defd546eea2a2ab4da | |
| parent | fdc6b727e76a695daf225787181f249c390a1541 (diff) | |
| download | tmwa-e42f76d0b0f4d2ec3a9008979267311f5246fb22.tar.gz tmwa-e42f76d0b0f4d2ec3a9008979267311f5246fb22.tar.bz2 tmwa-e42f76d0b0f4d2ec3a9008979267311f5246fb22.tar.xz tmwa-e42f76d0b0f4d2ec3a9008979267311f5246fb22.zip | |
Hello=). Someone said its up to GMs to deal with users exploiting their servers.
Let's do it. What you think happens when you hit IRCop by exploit? :P
This is fix for exploit we've been seen in the wild during meeting.
NB: due to nature of exploit real culprit would be undetected
Reason: map server disconnected users without doing logging.
| -rw-r--r-- | src/map/clif.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/map/clif.cpp b/src/map/clif.cpp index f71feb6..0eb2b8c 100644 --- a/src/map/clif.cpp +++ b/src/map/clif.cpp @@ -6083,6 +6083,17 @@ AString clif_validate_chat(dumb_ptr<map_session_data> sd, ChatType type, XString WARN_MALFORMED_MSG(sd, "exceeded maximum message length"_s); return AString(); } + // Try to grasp max allowed message for global accounting for CharName + if (type == ChatType::Global && \ + (buf.size() >= (battle_config.chat_maxline - (2+sizeof(CharName)))) || \ + buf.size() >= 486) // 486 is hard clamp if battle_config.chat_maxline too small, etc + { + WARN_MALFORMED_MSG(sd, "exceeded maximum Global message length"_s); + AString hack_msg = STRPRINTF("[GM] %s attempted oversized Global chat message"_fmt, + sd->status_key.name); + tmw_GmHackMsg(hack_msg); // alert GMs about possible exploit attempt. + return AString(); + } // Step beyond the separator. for older clients if (type == ChatType::Global && sd->client_version < wrap<ClientVersion>(6)) |