Fixed login packet 0x825

Special Thanks to Haru, Yommy.

Signed-off-by: shennetsind <ind@henn.et>

1 files changed, 7 insertions, 8 deletions

diff --git a/src/login/login.c b/src/login/login.c
index b603117e4..f81ee30c7 100644
--- a/src/login/login.c
+++ b/src/login/login.c
@@ -1383,11 +1383,11 @@ int parse_login(int fd)
 		{
 			uint32 version;
 			char username[NAME_LENGTH];
-			char password[NAME_LENGTH];
+			char password[PASSWD_LEN];
 			unsigned char passhash[16];
 			uint8 clienttype;
 			bool israwpass = (command==0x0064 || command==0x0277 || command==0x02b0 || command == 0x0825);
-
+			
 			// Shinryo: For the time being, just use token as password.
 			if(command == 0x0825)
 			{
@@ -1397,15 +1397,14 @@ int parse_login(int fd)
 				size_t uTokenLen = RFIFOREST(fd) - 0x5C;
 
 				version = RFIFOL(fd,4);
-
-				if(uAccLen > NAME_LENGTH - 1 || uAccLen <= 0 || uTokenLen > NAME_LENGTH - 1  || uTokenLen <= 0)
-				{
+				
+				if(uAccLen <= 0 || uTokenLen <= 0) {
 					login_auth_failed(sd, 3);
 					return 0;
 				}
 
-				safestrncpy(username, accname, uAccLen + 1);
-				safestrncpy(password, token, uTokenLen + 1);
+				safestrncpy(username, accname, NAME_LENGTH);
+				safestrncpy(password, token, PASSWD_LEN);
 				clienttype = RFIFOB(fd, 8);
 			}
 			else
@@ -1431,7 +1430,7 @@ int parse_login(int fd)
 			if( israwpass )
 			{
 				ShowStatus("Request for connection of %s (ip: %s).\n", sd->userid, ip);
-				safestrncpy(sd->passwd, password, NAME_LENGTH);
+				safestrncpy(sd->passwd, password, PASSWD_LEN);
 				if( login_config.use_md5_passwds )
 					MD5_String(sd->passwd, sd->passwd);
 				sd->passwdenc = 0;