From def9450e64bf13878a4ecb1650278e48e15ded20 Mon Sep 17 00:00:00 2001 From: Dastgir Date: Tue, 29 Mar 2016 19:08:01 +0530 Subject: Fixed defense overflow exploit * The defense penalty for being attacked by many enemies at the same time can no longer make DEF go negative * Fixed two potential overflow exploits When being hit by a lot of monsters, your DEF will become negative and then eventually overflow, making you almost invincible. On official servers the simultaneous attacker count is limited to 22. So at max, your def is reduced by ((22-2)*5%) = 100%. So it should neither be able to make your DEF negative nor cause an overflow. Merge from https://github.com/rathena/rathena/commit/590f42cd15c58de78cff8be6053109852375bce1#diff-d96b6365b4bdad78139e676d6e7e3295R4589 --- src/map/battle.c | 1 + src/map/unit.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/map/battle.c b/src/map/battle.c index fceb30be1..16b503e9d 100644 --- a/src/map/battle.c +++ b/src/map/battle.c @@ -1382,6 +1382,7 @@ static int64 battle_calc_defense(int attack_type, struct block_list *src, struct #ifndef RENEWAL if(skill_id == AM_ACIDTERROR) def1 = 0; //Acid Terror ignores only armor defense. [Skotlex] #endif + def1 = max(def1, 0); if(def2 < 1) def2 = 1; } //Vitality reduction from rodatazone: http://rodatazone.simgaming.net/mechanics/substats.php#def diff --git a/src/map/unit.c b/src/map/unit.c index 9174bdccd..371be03db 100644 --- a/src/map/unit.c +++ b/src/map/unit.c @@ -1836,7 +1836,7 @@ static int unit_set_target(struct unit_data *ud, int target_id) struct block_list* target; if (ud->target && (target = map->id2bl(ud->target)) != NULL && (ux = unit->bl2ud(target)) != NULL && ux->target_count > 0) --ux->target_count; - if (target_id && (target = map->id2bl(target_id)) != NULL && (ux = unit->bl2ud(target)) != NULL) + if (target_id && (target = map->id2bl(target_id)) != NULL && (ux = unit->bl2ud(target)) != NULL && ux->target_count < UCHAR_MAX) ++ux->target_count; } -- cgit v1.2.3-70-g09d2