[7659] Added several security checks to prevent cheating using facked packets Author: arrai

--HG-- branch : trunk
author: megamage <none@none> 2009-04-13 17:21:59 -0500
committer: megamage <none@none> 2009-04-13 17:21:59 -0500
commit: 214307428078f937c068fb5219686e3090c97a9c (patch)
tree: 2febd9b6cf0a978b6cfda1bd14eb5bc6de9a1dd2 /src
parent: 53d37935a98bfb767b65c508bc53908817eaba24 (diff)
5 files changed, 67 insertions, 18 deletions
diff --git a/src/game/GuildHandler.cpp b/src/game/GuildHandler.cpp
index ac91f47bf95..1b8ec5eb836 100644
--- a/src/game/GuildHandler.cpp
+++ b/src/game/GuildHandler.cpp
@@ -905,7 +905,7 @@ void WorldSession::HandleGuildBankQuery( WorldPacket & recv_data )
     uint8  unk;
     recv_data >> GoGuid >> unk;
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     if (uint32 GuildId = GetPlayer()->GetGuildId())
@@ -929,7 +929,7 @@ void WorldSession::HandleGuildBankTabColon( WorldPacket & recv_data )
     uint8 TabId,unk1;
     recv_data >> GoGuid >> TabId >> unk1;
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     uint32 GuildId = GetPlayer()->GetGuildId();
@@ -958,7 +958,7 @@ void WorldSession::HandleGuildBankDeposit( WorldPacket & recv_data )
     if (!money)
         return;
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     uint32 GuildId = GetPlayer()->GetGuildId();
@@ -1006,7 +1006,7 @@ void WorldSession::HandleGuildBankWithdraw( WorldPacket & recv_data )
     if (!money)
         return;
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     uint32 GuildId = GetPlayer()->GetGuildId();
@@ -1108,7 +1108,7 @@ void WorldSession::HandleGuildBankDepositItem( WorldPacket & recv_data )
             return;
     }
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     uint32 GuildId = GetPlayer()->GetGuildId();
@@ -1563,7 +1563,7 @@ void WorldSession::HandleGuildBankBuyTab( WorldPacket & recv_data )
     recv_data >> GoGuid;
     recv_data >> TabId;
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     uint32 GuildId = GetPlayer()->GetGuildId();
@@ -1620,7 +1620,7 @@ void WorldSession::HandleGuildBankModifyTab( WorldPacket & recv_data )
     if(IconIndex.empty())
         return;
 
-    if (!objmgr.IsGuildVaultGameObject(_player, GoGuid))
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, GoGuid, GAMEOBJECT_TYPE_GUILD_BANK))
         return;
 
     uint32 GuildId = GetPlayer()->GetGuildId();
diff --git a/src/game/ItemHandler.cpp b/src/game/ItemHandler.cpp
index 27aa29267df..aef5ea829c6 100644
--- a/src/game/ItemHandler.cpp
+++ b/src/game/ItemHandler.cpp
@@ -827,10 +827,23 @@ void WorldSession::HandleAutoStoreBagItemOpcode( WorldPacket & recv_data )
     _player->StoreItem( dest, pItem, true );
 }
 
-void WorldSession::HandleBuyBankSlotOpcode(WorldPacket& /*recvPacket*/)
+void WorldSession::HandleBuyBankSlotOpcode(WorldPacket& recvPacket)
 {
+    CHECK_PACKET_SIZE(recvPacket, 8);
+
     sLog.outDebug("WORLD: CMSG_BUY_BANK_SLOT");
 
+    uint64 guid;
+    recvPacket >> guid;
+
+    // cheating protection
+    Creature *pCreature = ObjectAccessor::GetNPCIfCanInteractWith(*_player, guid, UNIT_NPC_FLAG_BANKER);
+    if(!pCreature)
+    {
+        sLog.outDebug( "WORLD: HandleBuyBankSlotOpcode - Unit (GUID: %u) not found or you can't interact with him.", uint32(GUID_LOPART(guid)) );
+        return;
+    }
+
     uint32 slot = _player->GetByteValue(PLAYER_BYTES_2, 2);
 
     // next slot
diff --git a/src/game/Mail.cpp b/src/game/Mail.cpp
index 09c95628921..97a684a2700 100644
--- a/src/game/Mail.cpp
+++ b/src/game/Mail.cpp
@@ -55,6 +55,9 @@ void WorldSession::HandleSendMail(WorldPacket & recv_data )
     recv_data >> mailbox;
     recv_data >> receiver;
 
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     // recheck
     CHECK_PACKET_SIZE(recv_data, 8+(receiver.size()+1)+1+1+4+4+1+4+4+8+1);
 
@@ -277,6 +280,10 @@ void WorldSession::HandleMarkAsRead(WorldPacket & recv_data )
     uint64 mailbox;
     uint32 mailId;
     recv_data >> mailbox;
+
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     recv_data >> mailId;
     Player *pl = _player;
     Mail *m = pl->GetMail(mailId);
@@ -300,6 +307,10 @@ void WorldSession::HandleMailDelete(WorldPacket & recv_data )
     uint32 mailId;
     recv_data >> mailbox;
     recv_data >> mailId;
+
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     Player* pl = _player;
     pl->m_mailsUpdated = true;
     Mail *m = pl->GetMail(mailId);
@@ -315,6 +326,10 @@ void WorldSession::HandleReturnToSender(WorldPacket & recv_data )
     uint64 mailbox;
     uint32 mailId;
     recv_data >> mailbox;
+
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     recv_data >> mailId;
     Player *pl = _player;
     Mail *m = pl->GetMail(mailId);
@@ -419,6 +434,10 @@ void WorldSession::HandleTakeItem(WorldPacket & recv_data )
     uint32 mailId;
     uint32 itemId;
     recv_data >> mailbox;
+
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     recv_data >> mailId;
     recv_data >> itemId;                                    // item guid low?
     Player* pl = _player;
@@ -510,6 +529,10 @@ void WorldSession::HandleTakeMoney(WorldPacket & recv_data )
     uint32 mailId;
     recv_data >> mailbox;
     recv_data >> mailId;
+
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     Player *pl = _player;
 
     Mail* m = pl->GetMail(mailId);
@@ -541,9 +564,8 @@ void WorldSession::HandleGetMail(WorldPacket & recv_data )
     uint64 mailbox;
     recv_data >> mailbox;
 
-    //GameObject* obj = ObjectAccessor::GetGameObject(_player, mailbox);
-    //if(!obj || !obj->IsMailBox())
-    //    return;
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
 
     Player* pl = _player;
 
@@ -679,6 +701,9 @@ void WorldSession::HandleMailCreateTextItem(WorldPacket & recv_data )
 
     recv_data >> mailbox >> mailId;
 
+    if (!objmgr.IsGameObjectOfTypeInRange(_player, mailbox, GAMEOBJECT_TYPE_MAILBOX))
+        return;
+
     Player *pl = _player;
 
     Mail* m = pl->GetMail(mailId);
diff --git a/src/game/ObjectMgr.cpp b/src/game/ObjectMgr.cpp
index b797757a9f3..9e4c7244c58 100644
--- a/src/game/ObjectMgr.cpp
+++ b/src/game/ObjectMgr.cpp
@@ -4267,6 +4267,23 @@ void ObjectMgr::LoadInstanceTemplate()
     sLog.outString();
 }
 
+bool ObjectMgr::IsGameObjectOfTypeInRange(Player *player, uint64 guid, GameobjectTypes type) const
+{
+    if(GameObject *go = ObjectAccessor::GetGameObject(*player, guid))
+    {
+        if(go->GetGoType() == type)
+        {
+            // TODO: find out how the client calculates the maximal usage distance to spellless working
+            // gameobjects like guildbanks and mailboxes - 10.0 is a just an abitrary choosen number
+            if (go->IsWithinDistInMap(player, 10.0f))
+                return true;
+            sLog.outError("IsGameObjectOfTypeInRange: GameObject '%s' [GUID: %u] is too far away from player %s [GUID: %u] to be used by him (distance=%f, maximal 10 is allowed)", go->GetGOInfo()->name,
+                    go->GetGUIDLow(), player->GetName(), player->GetGUIDLow(), go->GetDistance(player));
+        }
+    }
+    return false;
+}
+
 GossipText const *ObjectMgr::GetGossipText(uint32 Text_ID) const
 {
     GossipTextMap::const_iterator itr = mGossipText.find(Text_ID);
diff --git a/src/game/ObjectMgr.h b/src/game/ObjectMgr.h
index ea73fb15715..56e1cbc2366 100644
--- a/src/game/ObjectMgr.h
+++ b/src/game/ObjectMgr.h
@@ -436,13 +436,7 @@ class ObjectMgr
             return mGameObjectForQuestSet.find(entry) != mGameObjectForQuestSet.end();
         }
 
-        bool IsGuildVaultGameObject(Player *player, uint64 guid) const
-        {
-            if(GameObject *go = ObjectAccessor::GetGameObject(*player, guid))
-                if(go->GetGoType() == GAMEOBJECT_TYPE_GUILD_BANK)
-                    return true;
-            return false;
-        }
+        bool IsGameObjectOfTypeInRange(Player *player, uint64 guid, GameobjectTypes type) const;
 
         GossipText const* GetGossipText(uint32 Text_ID) const;
author	megamage <none@none>	2009-04-13 17:21:59 -0500
committer	megamage <none@none>	2009-04-13 17:21:59 -0500
commit	214307428078f937c068fb5219686e3090c97a9c (patch)
tree	2febd9b6cf0a978b6cfda1bd14eb5bc6de9a1dd2 /src
parent	53d37935a98bfb767b65c508bc53908817eaba24 (diff)