diff options
| author | jackpoz <giacomopoz@gmail.com> | 2017-12-02 12:56:23 +0100 |
|---|---|---|
| committer | jackpoz <giacomopoz@gmail.com> | 2017-12-02 12:56:23 +0100 |
| commit | 3d1ba42f428c6b920240e208c854b0bcd5d664b1 (patch) | |
| tree | 193bbf083bdb089c9d349ba03cffb1f7a0426b4d /src | |
| parent | abc4b48fe94a0a858133df7d9cda2866d8500f72 (diff) | |
Core/Misc: Fix out of bounds access on startup
Fix out of bound access on startup trying to access SpellEffects with ID greater than max allowed/known.
Reported by AddressSanitizer .
Diffstat (limited to 'src')
| -rw-r--r-- | src/server/game/Spells/SpellMgr.cpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/server/game/Spells/SpellMgr.cpp b/src/server/game/Spells/SpellMgr.cpp index f7534e49503..b3a37a2073c 100644 --- a/src/server/game/Spells/SpellMgr.cpp +++ b/src/server/game/Spells/SpellMgr.cpp @@ -2542,6 +2542,22 @@ void SpellMgr::LoadSpellInfoStore() for (SpellEntry const* spellEntry : sSpellStore) mSpellInfoMap[spellEntry->Id] = new SpellInfo(spellEntry); + for (uint32 spellIndex = 0; spellIndex < GetSpellInfoStoreSize(); ++spellIndex) + { + if (!mSpellInfoMap[spellIndex]) + continue; + + for (uint32 effectIndex = 0; effectIndex < MAX_SPELL_EFFECTS; ++effectIndex) + { + if (mSpellInfoMap[spellIndex]->Effects[effectIndex].Effect >= TOTAL_SPELL_EFFECTS) + { + TC_LOG_ERROR("sql.sql", "Spell (Entry: %u) has `Effect` '%u' greater than max allowed value '%u', removing", spellIndex, mSpellInfoMap[spellIndex]->Effects[effectIndex].Effect, (TOTAL_SPELL_EFFECTS - 1)); + mSpellInfoMap[spellIndex]->Effects[effectIndex].Effect = 0; + } + } + } + + TC_LOG_INFO("server.loading", ">> Loaded SpellInfo store in %u ms", GetMSTimeDiffToNow(oldMSTime)); } |