diff options
| author | Shauren <shauren.trinity@gmail.com> | 2018-10-22 19:06:26 +0200 |
|---|---|---|
| committer | Shauren <shauren.trinity@gmail.com> | 2018-10-22 19:06:26 +0200 |
| commit | 41a7e08e43e1a0a277ae922f587dc05986899170 (patch) | |
| tree | ac750bd12c450b3b8e9ce9e4c098e3d4d1d5c495 /src/server/bnetserver/Server/Session.cpp | |
| parent | 31a2a394c72121989bb82d06308ec75ae5c4e267 (diff) | |
Core/Bnet: Safeguard auth process against bad external db modifications
Diffstat (limited to 'src/server/bnetserver/Server/Session.cpp')
| -rw-r--r-- | src/server/bnetserver/Server/Session.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/server/bnetserver/Server/Session.cpp b/src/server/bnetserver/Server/Session.cpp index 55a6827854a..fd74128b458 100644 --- a/src/server/bnetserver/Server/Session.cpp +++ b/src/server/bnetserver/Server/Session.cpp @@ -245,11 +245,17 @@ uint32 Battlenet::Session::HandleLogon(authentication::v1::LogonRequest const* l uint32 Battlenet::Session::HandleVerifyWebCredentials(authentication::v1::VerifyWebCredentialsRequest const* verifyWebCredentialsRequest, std::function<void(ServiceBase*, uint32, ::google::protobuf::Message const*)>& continuation) { - return VerifyWebCredentials(verifyWebCredentialsRequest->web_credentials(), continuation); + if (verifyWebCredentialsRequest->has_web_credentials()) + return VerifyWebCredentials(verifyWebCredentialsRequest->web_credentials(), continuation); + + return ERROR_DENIED; } uint32 Battlenet::Session::VerifyWebCredentials(std::string const& webCredentials, std::function<void(ServiceBase*, uint32, ::google::protobuf::Message const*)>& continuation) { + if (webCredentials.empty()) + return ERROR_DENIED; + PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_ACCOUNT_INFO); stmt->setString(0, webCredentials); |