From 63601a1a0618861f8b987797a04e7e7c8e20bc7a Mon Sep 17 00:00:00 2001
From: shennetsind <shennetsind@54d463be-8e91-2dee-dedb-b68131a5f0ec>
Date: Wed, 14 Dec 2011 21:59:56 +0000
Subject: Fixed friend adding exploit, bugreport:4629

git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@15118 54d463be-8e91-2dee-dedb-b68131a5f0ec
---
 src/map/clif.c | 7 +++++--
 src/map/pc.h   | 5 +++++
 2 files changed, 10 insertions(+), 2 deletions(-)

(limited to 'src/map')

diff --git a/src/map/clif.c b/src/map/clif.c
index 069a861f4..101504944 100644
--- a/src/map/clif.c
+++ b/src/map/clif.c
@@ -12279,7 +12279,10 @@ void clif_parse_FriendsListAdd(int fd, struct map_session_data *sd)
 		clif_friendslist_reqack(sd, f_sd, 2);
 		return;
 	}
-		
+
+	f_sd->friend_req = sd->status.char_id;
+	sd->friend_req   = f_sd->status.char_id;
+
 	f_fd = f_sd->fd;
 	WFIFOHEAD(f_fd,packet_len(0x207));
 	WFIFOW(f_fd,0) = 0x207;
@@ -12311,7 +12314,7 @@ void clif_parse_FriendsListReply(int fd, struct map_session_data *sd)
 	if (f_sd == NULL)
 		return;
 		
-	if (reply == 0)
+	if (reply == 0 || !( sd->friend_req == f_sd->status.char_id && f_sd->friend_req == sd->status.char_id ) )
 		clif_friendslist_reqack(f_sd, sd, 1);
 	else {
 		int i;
diff --git a/src/map/pc.h b/src/map/pc.h
index af749534d..b6ba70c76 100644
--- a/src/map/pc.h
+++ b/src/map/pc.h
@@ -451,6 +451,11 @@ struct map_session_data {
 	unsigned int npc_idle_tick;
 #endif
 
+	/**
+	 * Guarantees your friend request is legit (for bugreport:6429)
+	 **/
+	int friend_req;
+
 	// temporary debugging of bug #3504
 	const char* delunit_prevfile;
 	int delunit_prevline;
-- 
cgit v1.2.3-70-g09d2