diff options
Diffstat (limited to 'src/char_sql')
| -rw-r--r-- | src/char_sql/char.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/char_sql/char.c b/src/char_sql/char.c index b1f4a1c94..410f813e3 100644 --- a/src/char_sql/char.c +++ b/src/char_sql/char.c @@ -1293,7 +1293,12 @@ int check_char_name(char * name, char * esc_name) // check length of character name if( name[0] == '\0' ) return -2; // empty character name - + /** + * The client does not allow you to create names with less than 4 characters, however, + * the use of WPE can bypass this, and this fixes the exploit. + **/ + if( strlen( name ) < 4 ) + return -2; // check content of character name if( remove_control_chars(name) ) return -2; // control chars in name |