1/2/3-letter char name creation exploit fix.

git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@15169 54d463be-8e91-2dee-dedb-b68131a5f0ec
author: shennetsind <shennetsind@54d463be-8e91-2dee-dedb-b68131a5f0ec> 2011-12-20 03:48:42 +0000
committer: shennetsind <shennetsind@54d463be-8e91-2dee-dedb-b68131a5f0ec> 2011-12-20 03:48:42 +0000
commit: 9047184594dfbe6237ad18179160badefecf6e22 (patch)
tree: 75f6d9c3b7cf0dc1d28294fbbd78ec87cec98c8c /src
parent: a9c4f6b3e887343fd0cc182e3ac48e78155a5bd8 (diff)
download: hercules-9047184594dfbe6237ad18179160badefecf6e22.tar.gz
hercules-9047184594dfbe6237ad18179160badefecf6e22.tar.bz2
hercules-9047184594dfbe6237ad18179160badefecf6e22.tar.xz
hercules-9047184594dfbe6237ad18179160badefecf6e22.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/src/char_sql/char.c b/src/char_sql/char.c
index b1f4a1c94..410f813e3 100644
--- a/src/char_sql/char.c
+++ b/src/char_sql/char.c
@@ -1293,7 +1293,12 @@ int check_char_name(char * name, char * esc_name)
 	// check length of character name
 	if( name[0] == '\0' )
 		return -2; // empty character name
-
+	/**
+	 * The client does not allow you to create names with less than 4 characters, however,
+	 * the use of WPE can bypass this, and this fixes the exploit.
+	 **/
+	if( strlen( name ) < 4 )
+		return -2;
 	// check content of character name
 	if( remove_control_chars(name) )
 		return -2; // control chars in name
author	shennetsind <shennetsind@54d463be-8e91-2dee-dedb-b68131a5f0ec>	2011-12-20 03:48:42 +0000
committer	shennetsind <shennetsind@54d463be-8e91-2dee-dedb-b68131a5f0ec>	2011-12-20 03:48:42 +0000
commit	9047184594dfbe6237ad18179160badefecf6e22 (patch)
tree	75f6d9c3b7cf0dc1d28294fbbd78ec87cec98c8c /src
parent	a9c4f6b3e887343fd0cc182e3ac48e78155a5bd8 (diff)
download	hercules-9047184594dfbe6237ad18179160badefecf6e22.tar.gz hercules-9047184594dfbe6237ad18179160badefecf6e22.tar.bz2 hercules-9047184594dfbe6237ad18179160badefecf6e22.tar.xz hercules-9047184594dfbe6237ad18179160badefecf6e22.zip