Mirror/TrinityCore
1
0
Fork 0
mirror of https://github.com/TrinityCore/TrinityCore.git synced 2026-01-15 23:20:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Core/Channels: fixed possible exploit with channel password

Browse Source 
You were able to setup longer password than you can write into the dialog window. Limit in dialog is 31 chars, in DB is varchar(32) but there was no limit in command /pass <channel> <password>, so that was the problem.
This commit is contained in:
MitchesD
2014-08-24 23:54:28 +02:00
parent a8ff0c990b
commit 80cde8aa10
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/server/game/Handlers/ChannelHandler.cpp
View File

@@ -100,6 +100,9 @@ void WorldSession::HandleChannelPassword(WorldPacket& recvPacket)
TC_LOG_DEBUG("chat.system", "CMSG_CHANNEL_PASSWORD %s Channel: %s, Password: %s",
GetPlayerInfo().c_str(), channelName.c_str(), password.c_str());
if (password.length() > MAX_CHANNEL_PASS_STR)
return;
if (ChannelMgr* cMgr = ChannelMgr::forTeam(GetPlayer()->GetTeam()))
if (Channel* channel = cMgr->GetChannel(channelName, GetPlayer()))
channel->Password(GetPlayer(), password);