Core/Spells: Fixed possible use after free with deleted focusObject (#30062)

* Core/Spells: Fixed possible use after free with deleted focusObject
author: Gildor <gildor55@gmail.com> 2024-07-04 22:51:25 +0200
committer: GitHub <noreply@github.com> 2024-07-04 22:51:25 +0200
commit: 93ab97a37c769cfbc0c5d3aea44aee0e3cd877bc (patch)
tree: 299803e26330c8d899e41806f732983bc0502790 /src/server/game/Spells/Spell.cpp
parent: 8130024497e370af3a2cbc0c633773386a66f2ef (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/src/server/game/Spells/Spell.cpp b/src/server/game/Spells/Spell.cpp
index a78f031c310..a91768186a3 100644
--- a/src/server/game/Spells/Spell.cpp
+++ b/src/server/game/Spells/Spell.cpp
@@ -5426,7 +5426,9 @@ SpellCastResult Spell::CheckCast(bool strict, uint32* param1 /*= nullptr*/, uint
     if (m_spellInfo->RequiresSpellFocus)
     {
         focusObject = SearchSpellFocus();
-        if (!focusObject)
+        if (focusObject)
+            m_focusObjectGUID = focusObject->GetGUID();
+        else
             return SPELL_FAILED_REQUIRES_SPELL_FOCUS;
     }
 
@@ -7284,6 +7286,9 @@ bool Spell::UpdatePointers()
             m_originalCaster = nullptr;
     }
 
+    if (m_focusObjectGUID)
+        focusObject = ObjectAccessor::GetGameObject(*m_caster, m_focusObjectGUID);
+
     if (m_castItemGUID && m_caster->GetTypeId() == TYPEID_PLAYER)
     {
         m_CastItem = m_caster->ToPlayer()->GetItemByGuid(m_castItemGUID);
author	Gildor <gildor55@gmail.com>	2024-07-04 22:51:25 +0200
committer	GitHub <noreply@github.com>	2024-07-04 22:51:25 +0200
commit	93ab97a37c769cfbc0c5d3aea44aee0e3cd877bc (patch)
tree	299803e26330c8d899e41806f732983bc0502790 /src/server/game/Spells/Spell.cpp
parent	8130024497e370af3a2cbc0c633773386a66f2ef (diff)