diff options
| author | Peter Keresztes Schmidt <carbenium@outlook.com> | 2020-08-16 21:32:31 +0200 |
|---|---|---|
| committer | Shauren <shauren.trinity@gmail.com> | 2022-01-26 22:30:13 +0100 |
| commit | d33214c50a738372ebf805d9bb00ed38a622aa1a (patch) | |
| tree | e6e5cd41ea056e2e5e7078cd1951ceed6dfb448d | |
| parent | f2ee365da43f851181c8a486e10325a95b75c55d (diff) | |
Core/ChatCommands: Do not parse partial strings for numeric paramters (PR #25259)
Check if integral/floating point type arguments were parsed successfully.
std::stoull will happily parse floating point strings until the decimal separator and return the value.
Make sure for all parsing methods that we actually parsed the whole token.
This allows to use handler arguments like Variant<uint32, float> which will be populated with the right type
depending on the token value (e.g "10" vs "10.0").
(cherry picked from commit 7edad0d601a7ae925cba850c5a23019f99be2a1e)
| -rw-r--r-- | src/server/game/Chat/ChatCommands/ChatCommandArgs.h | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/server/game/Chat/ChatCommands/ChatCommandArgs.h b/src/server/game/Chat/ChatCommands/ChatCommandArgs.h index 05e065c6a2d..fcce689c258 100644 --- a/src/server/game/Chat/ChatCommands/ChatCommandArgs.h +++ b/src/server/game/Chat/ChatCommands/ChatCommandArgs.h @@ -51,7 +51,13 @@ struct ArgInfo<T, std::enable_if_t<std::is_integral_v<T> && std::is_signed_v<T>> { char const* next = args; std::string token(args, tokenize(next)); - try { val = std::stoll(token); } + try + { + size_t processedChars = 0; + val = std::stoll(token, &processedChars, 0); + if (processedChars != token.length()) + return nullptr; + } catch (...) { return nullptr; } return next; } @@ -65,7 +71,13 @@ struct ArgInfo<T, std::enable_if_t<std::is_integral_v<T> && std::is_unsigned_v<T { char const* next = args; std::string token(args, tokenize(next)); - try { val = std::stoull(token); } + try + { + size_t processedChars = 0; + val = std::stoull(token, &processedChars, 0); + if (processedChars != token.length()) + return nullptr; + } catch (...) { return nullptr; } return next; } @@ -79,7 +91,13 @@ struct ArgInfo<T, std::enable_if_t<std::is_floating_point_v<T>>> { char const* next = args; std::string token(args, tokenize(next)); - try { val = std::stold(token); } + try + { + size_t processedChars = 0; + val = std::stold(token, &processedChars); + if (processedChars != token.length()) + return nullptr; + } catch (...) { return nullptr; } return std::isfinite(val) ? next : nullptr; } |