summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYohann Ferreira <bertram@cegetel.net>2005-08-25 21:07:28 +0000
committerYohann Ferreira <bertram@cegetel.net>2005-08-25 21:07:28 +0000
commit941e0cfda282b2461e500fcdf5828a7e20bf6da6 (patch)
tree16b392cb9c57fefc621084c011ec0b724e84d128
parent9ba130f4628d8e52ebd50b810e761a81f69c0c4a (diff)
downloadmana-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.gz
mana-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.bz2
mana-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.xz
mana-941e0cfda282b2461e500fcdf5828a7e20bf6da6.zip
Adding min and max length check for password, more code cleanups in login and removing possible buffer overflows by replacing some global char[] by std::strings.
-rw-r--r--src/gui/char_select.cpp2
-rw-r--r--src/gui/login.cpp55
-rw-r--r--src/main.cpp6
-rw-r--r--src/main.h13
-rw-r--r--src/resources/buddylist.cpp4
5 files changed, 58 insertions, 22 deletions
diff --git a/src/gui/char_select.cpp b/src/gui/char_select.cpp
index 6c8a844b..de01a571 100644
--- a/src/gui/char_select.cpp
+++ b/src/gui/char_select.cpp
@@ -247,7 +247,7 @@ void CharSelectDialog::serverCharSelect()
map_port = RFIFOW(26);
state = GAME;
- logger->log("CharSelect: Map: %s", map_name);
+ logger->log("CharSelect: Map: %s", map_name.c_str());
logger->log("CharSelect: Server: %s:%d", iptostring(map_address), map_port);
RFIFOSKIP(28);
close_session();
diff --git a/src/gui/login.cpp b/src/gui/login.cpp
index f60d0dc9..8f26cf7d 100644
--- a/src/gui/login.cpp
+++ b/src/gui/login.cpp
@@ -24,6 +24,7 @@
#include "login.h"
#include <string>
+#include <sstream>
#include <guichan/sdl/sdlinput.hpp>
@@ -65,7 +66,7 @@ void WrongPasswordNoticeListener::action(const std::string &eventId)
void WrongUsernameNoticeListener::action(const std::string &eventId)
{
// Set the focus on the username Field
- loginDialog->userField->setCaretPosition(LEN_USERNAME - 1);
+ loginDialog->userField->setCaretPosition(LEN_MAX_USERNAME - 1);
loginDialog->userField->requestFocus();
wrongLoginNotice = NULL;
}
@@ -232,13 +233,44 @@ void LoginDialog::action(const std::string& eventId)
}
// Check login
- if (user.length() == 0) {
+ if (user.length() == 0) // No username
+ {
wrongLoginNotice = new OkDialog("Error", "Enter your username first.", &wrongUsernameNoticeListener);
- } else if (user.length() < 4) {
- wrongLoginNotice = new OkDialog("Error", "The username needs to be at least 4 characters.", &wrongUsernameNoticeListener);
- } else if (user.length() > LEN_USERNAME -1 ) {
- wrongLoginNotice = new OkDialog("Error", "The username needs to be less than 25 characters long.", &wrongUsernameNoticeListener);
- } else {
+ }
+ else if (user.length() < LEN_MIN_USERNAME) // Name too short
+ {
+ std::stringstream errorMessage;
+ errorMessage << "The username needs to be at least ";
+ errorMessage << LEN_MIN_USERNAME;
+ errorMessage << " characters long.";
+ wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongUsernameNoticeListener);
+ }
+ else if (user.length() > LEN_MAX_USERNAME - 1 ) // Name too long
+ {
+ std::stringstream errorMessage;
+ errorMessage << "The username needs to be less than ";
+ errorMessage << LEN_MAX_USERNAME;
+ errorMessage << " characters long.";
+ wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongUsernameNoticeListener);
+ }
+ else if (passField->getText().length() < LEN_MIN_PASSWORD) // Pass too short
+ {
+ std::stringstream errorMessage;
+ errorMessage << "The password needs to be at least ";
+ errorMessage << LEN_MIN_PASSWORD;
+ errorMessage << " characters long.";
+ wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongPasswordNoticeListener);
+ }
+ else if (passField->getText().length() > LEN_MAX_PASSWORD - 1 ) // Pass too long
+ {
+ std::stringstream errorMessage;
+ errorMessage << "The password needs to be less than ";
+ errorMessage << LEN_MAX_PASSWORD;
+ errorMessage << " characters long.";
+ wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongPasswordNoticeListener);
+ }
+ else // If no errors, register the new user.
+ {
attemptLogin(user + "_M", passField->getText());
close_session();
}
@@ -283,8 +315,8 @@ void login()
int attemptLogin(const std::string& user, const std::string& pass) {
- strncpy(username, user.c_str(), LEN_USERNAME);
- strncpy(password, pass.c_str(), LEN_PASSWORD);
+ username = user;
+ password = pass;
int ret;
// Connect to login server
@@ -303,8 +335,9 @@ int attemptLogin(const std::string& user, const std::string& pass) {
WFIFOW(0) = net_w_value(0x0064);
WFIFOL(2) = 0;
- memcpy(WFIFOP(6), username, 24);
- memcpy(WFIFOP(30), password, 24);
+
+ memcpy(WFIFOP(6), username.c_str(), LEN_MAX_USERNAME - 1);
+ memcpy(WFIFOP(30), password.c_str(), LEN_MAX_PASSWORD - 1);
WFIFOB(54) = 0;
WFIFOSET(55);
diff --git a/src/main.cpp b/src/main.cpp
index d2a8d964..84e8b73a 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -74,11 +74,11 @@ Spriteset *hairset = NULL, *playerset = NULL;
Image *login_wallpaper = NULL;
Graphics *graphics;
-char username[LEN_USERNAME];
-char password[LEN_PASSWORD];
+std::string username;
+std::string password;
int map_address, char_ID;
short map_port;
-char map_name[16];
+std::string map_name;
unsigned char state;
unsigned char screen_mode;
volatile int framesToDraw = 0;
diff --git a/src/main.h b/src/main.h
index 2dd4f87a..8546cfe6 100644
--- a/src/main.h
+++ b/src/main.h
@@ -51,15 +51,18 @@ enum {
* to be able to use strncpy instead of strcpy for
* security and stability reasons
*/
-#define LEN_USERNAME 25
-#define LEN_PASSWORD 25
+#define LEN_MAX_USERNAME 25
+#define LEN_MIN_USERNAME 4
+#define LEN_MAX_PASSWORD 25
+#define LEN_MIN_PASSWORD 4
+#include <string>
extern Image *login_wallpaper;
-extern char username[25];
-extern char password[25];
+extern std::string username;
+extern std::string password;
extern int map_address, char_ID;
extern short map_port;
-extern char map_name[16];
+extern std::string map_name;
extern int account_ID, session_ID1, session_ID2;
extern char sex, n_server, n_character;
extern unsigned char state;
diff --git a/src/resources/buddylist.cpp b/src/resources/buddylist.cpp
index 6293bc84..2e2cdea6 100644
--- a/src/resources/buddylist.cpp
+++ b/src/resources/buddylist.cpp
@@ -53,8 +53,8 @@ void BuddyList::loadFile(void)
}
do {
- buddy = (char *) calloc(LEN_USERNAME, sizeof(char));
- inputStream.getline(buddy, LEN_USERNAME);
+ buddy = (char *) calloc(LEN_MAX_USERNAME, sizeof(char));
+ inputStream.getline(buddy, LEN_MAX_USERNAME);
// Ugly ?
if(strcmp(buddy,"") != 0) buddylist.push_back(buddy);
free(buddy);