diff options
-rw-r--r-- | Changelog.txt | 1 | ||||
-rw-r--r-- | src/map/trade.c | 7 | ||||
-rw-r--r-- | src/map/vending.c | 114 |
3 files changed, 59 insertions, 63 deletions
diff --git a/Changelog.txt b/Changelog.txt index 263936753..5b18ed4bb 100644 --- a/Changelog.txt +++ b/Changelog.txt @@ -1,5 +1,6 @@ Date Added 11/21 + * Re-Fixed Trade/Vending exploit [Lupus] * Fixed @whozeny. [Valaris] * Added rest of mapflags to const.txt. [Valaris] * Closed AFM files after reading, this fixed the improper char-server session #. [Valaris] diff --git a/src/map/trade.c b/src/map/trade.c index 4f8d81b35..9d2128690 100644 --- a/src/map/trade.c +++ b/src/map/trade.c @@ -96,8 +96,10 @@ void trade_tradeadditem(struct map_session_data *sd, int index, int amount) sd->deal_zeny = amount; clif_tradeadditem(sd, target_sd, 0, amount); } else { - trade_tradecancel(sd); - return; + if (amount != 0) { + trade_tradecancel(sd); + return; + } } } } else if (amount > 0 && amount <= sd->status.inventory[index-2].amount) { @@ -128,7 +130,6 @@ void trade_tradeadditem(struct map_session_data *sd, int index, int amount) } } - /*========================================== * アイテム追加完了(ok押し) *------------------------------------------ diff --git a/src/map/vending.c b/src/map/vending.c index 0bf0b884e..a7aa708e5 100644 --- a/src/map/vending.c +++ b/src/map/vending.c @@ -48,86 +48,80 @@ void vending_vendinglistreq(struct map_session_data *sd,int id) */ void vending_purchasereq(struct map_session_data *sd,int len,int id,unsigned char *p) { - int i,j,w,z,new=0,blank,vend_list[12]; - short amount,index; - struct map_session_data *vsd=map_id2sd(id); + int i, j, w, z, new = 0, blank, vend_list[12]; + short amount, index; + struct map_session_data *vsd = map_id2sd(id); nullpo_retv(sd); - blank=pc_inventoryblank(sd); + blank = pc_inventoryblank(sd); - if(vsd==NULL) + if (vsd == NULL) return; - if(vsd->vender_id==0) + if (vsd->vender_id == 0) return; - if(vsd->vender_id==sd->bl.id) + if (vsd->vender_id == sd->bl.id) return; - for(i=0,w=z=0;8+4*i<len;i++){ - amount=*(short*)(p+4*i); - index=*(short*)(p+2+4*i)-2; -/* - if(amount < 0) return; //add - for(j=0;j<vsd->vend_num;j++) - if(0<vsd->vending[j].amount && amount<=vsd->vending[j].amount && vsd->vending[j].index==index) + for(i = 0, w = z = 0; 8 + 4 * i < len; i++) { + amount = *(short*)(p + 4 * i); + index = *(short*)(p + 2 + 4 * i) - 2; + + if (amount < 0) return; // exploit +/* for(j = 0; j < vsd->vend_num; j++) + if (0 < vsd->vending[j].amount && amount <= vsd->vending[j].amount && vsd->vending[j].index == index) break; */ //ADD_start - for(j=0;j < vsd->vend_num;j++) { - if(0 < vsd->vending[j].amount && vsd->vending[j].index==index) { - if(amount > vsd->vending[j].amount || amount <= 0) { - clif_buyvending(sd,index,vsd->vending[j].amount,4); + for(j = 0; j < vsd->vend_num; j++) { + if (0 < vsd->vending[j].amount && vsd->vending[j].index == index) { + if (amount > vsd->vending[j].amount || amount <= 0) { + clif_buyvending(sd,index,vsd->vending[j].amount, 4); return; } - if(amount <= vsd->vending[j].amount) break; + if (amount <= vsd->vending[j].amount) break; } } //ADD_end - if(j==vsd->vend_num) - return; // 売り切れ - vend_list[i]=j; - z+=vsd->vending[j].value*amount; - if(z > sd->status.zeny){ - clif_buyvending(sd,index,amount,1); - return; // zeny不足 + if (j == vsd->vend_num) + return; // 売り切れ + vend_list[i] = j; + z += vsd->vending[j].value * amount; + if (z > sd->status.zeny){ + clif_buyvending(sd, index, amount, 1); + return; // zeny不足 } - w+=itemdb_weight(vsd->status.cart[index].nameid)*amount; - if(w+sd->weight > sd->max_weight){ - clif_buyvending(sd,index,amount,2); - return; // 重量超過 + w += itemdb_weight(vsd->status.cart[index].nameid) * amount; + if (w + sd->weight > sd->max_weight) { + clif_buyvending(sd, index, amount, 2); + return; // 重量超過 } - switch(pc_checkadditem(sd,vsd->status.cart[index].nameid,amount)){ + switch(pc_checkadditem(sd, vsd->status.cart[index].nameid, amount)) { case ADDITEM_EXIST: break; case ADDITEM_NEW: new++; - if(new > blank) + if (new > blank) return; // 種類数超過 break; case ADDITEM_OVERAMOUNT: - return; // アイテム数超過 + return; // アイテム数超過 } } - if(z < 0 || z > MAX_ZENY){ //Zeny Bug Fixed by Darkchild + if (z < 0 || z > MAX_ZENY) { // Zeny Bug Fixed by Darkchild clif_tradecancelled(sd); clif_tradecancelled(vsd); return; } - pc_payzeny(sd,z); - pc_getzeny(vsd,z); - for(i=0;8+4*i<len;i++){ - amount=*(short*)(p+4*i); - index=*(short*)(p+2+4*i)-2; - if(amount < 0) break; //add + pc_payzeny(sd, z); + pc_getzeny(vsd, z); + for(i = 0; 8 + 4 * i < len; i++) { + amount = *(short*)(p + 4 *i); + index = *(short*)(p + 2 + 4 * i) - 2; + //if (amount < 0) break; // tested at start of the function pc_additem(sd,&vsd->status.cart[index],amount); - - #ifndef TXT_ONLY - if(log_config.vend > 0) - log_vend(vsd,sd,index,amount,z); - #endif - - vsd->vending[vend_list[i]].amount-=amount; - pc_cart_delitem(vsd,index,amount,0); - clif_vendingreport(vsd,index,amount); + vsd->vending[vend_list[i]].amount -= amount; + pc_cart_delitem(vsd, index, amount, 0); + clif_vendingreport(vsd, index, amount); } } @@ -146,25 +140,25 @@ void vending_openvending(struct map_session_data *sd,int len,char *message,int f return; } - if(flag){ - for(i=0;85+8*i<len;i++){ - sd->vending[i].index=*(short*)(p+8*i)-2; - sd->vending[i].amount=*(short*)(p+2+8*i); - sd->vending[i].value=*(int*)(p+4+8*i); + if (flag) { + for(i = 0; 85 + 8 * i < len; i++) { + sd->vending[i].index = *(short*)(p+8*i)-2; + sd->vending[i].amount = *(short*)(p+2+8*i); + sd->vending[i].value = *(int*)(p+4+8*i); if(sd->vending[i].value>battle_config.vending_max_value)sd->vending[i].value=battle_config.vending_max_value; // カート内のアイテム数と販売するアイテム数に相違があったら中止 - if(pc_cartitem_amount(sd,sd->vending[i].index,sd->vending[i].amount)<0 || sd->vending[i].value < 0) { // fixes by Valaris and fritz - clif_skill_fail(sd,MC_VENDING,0,0); + if(pc_cartitem_amount(sd, sd->vending[i].index, sd->vending[i].amount) < 0 || sd->vending[i].value < 0) { // fixes by Valaris and fritz + clif_skill_fail(sd, MC_VENDING, 0, 0); return; } } - sd->vender_id=sd->bl.id; - sd->vend_num=i; + sd->vender_id = sd->bl.id; + sd->vend_num = i; strcpy(sd->message,message); - if(clif_openvending(sd,sd->vender_id,sd->vending) > 0) + if (clif_openvending(sd,sd->vender_id,sd->vending) > 0) clif_showvendingboard(&sd->bl,message,0); else - sd->vender_id=0; + sd->vender_id = 0; } } |