diff options
| -rw-r--r-- | src/server/game/Handlers/GuildHandler.cpp | 42 | ||||
| -rw-r--r-- | src/server/game/Server/WorldSession.cpp | 14 | ||||
| -rw-r--r-- | src/server/game/Server/WorldSession.h | 3 |
3 files changed, 59 insertions, 0 deletions
diff --git a/src/server/game/Handlers/GuildHandler.cpp b/src/server/game/Handlers/GuildHandler.cpp index 98d096eeaeb..42580b6e45c 100644 --- a/src/server/game/Handlers/GuildHandler.cpp +++ b/src/server/game/Handlers/GuildHandler.cpp @@ -127,6 +127,12 @@ void WorldSession::HandleGuildUpdateMotdText(WorldPackets::Guild::GuildUpdateMot { TC_LOG_DEBUG("guild", "CMSG_GUILD_UPDATE_MOTD_TEXT [%s]: MOTD: %s", GetPlayerInfo().c_str(), packet.MotdText.c_str()); + if (!DisallowHyperlinksAndMaybeKick(packet.MotdText)) + return; + + if (packet.MotdText.size() > 255) + return; + if (Guild* guild = GetPlayer()->GetGuild()) guild->HandleSetMOTD(this, packet.MotdText); } @@ -136,6 +142,12 @@ void WorldSession::HandleGuildSetMemberNote(WorldPackets::Guild::GuildSetMemberN TC_LOG_DEBUG("guild", "CMSG_GUILD_SET_NOTE [%s]: Target: %s, Note: %s, Public: %u", GetPlayerInfo().c_str(), packet.NoteeGUID.ToString().c_str(), packet.Note.c_str(), packet.IsPublic); + if (!DisallowHyperlinksAndMaybeKick(packet.Note)) + return; + + if (packet.Note.size() > 31) + return; + if (Guild* guild = GetPlayer()->GetGuild()) guild->HandleSetMemberNote(this, packet.Note, packet.NoteeGUID, packet.IsPublic); } @@ -154,6 +166,12 @@ void WorldSession::HandleGuildAddRank(WorldPackets::Guild::GuildAddRank& packet) { TC_LOG_DEBUG("guild", "CMSG_GUILD_ADD_RANK [%s]: Rank: %s", GetPlayerInfo().c_str(), packet.Name.c_str()); + if (!DisallowHyperlinksAndMaybeKick(packet.Name)) + return; + + if (packet.Name.size() > 15) + return; + if (Guild* guild = GetPlayer()->GetGuild()) guild->HandleAddNewRank(this, packet.Name); } @@ -170,6 +188,12 @@ void WorldSession::HandleGuildUpdateInfoText(WorldPackets::Guild::GuildUpdateInf { TC_LOG_DEBUG("guild", "CMSG_GUILD_UPDATE_INFO_TEXT [%s]: %s", GetPlayerInfo().c_str(), packet.InfoText.c_str()); + if (!DisallowHyperlinksAndMaybeKick(packet.InfoText)) + return; + + if (packet.InfoText.size() > 500) + return; + if (Guild* guild = GetPlayer()->GetGuild()) guild->HandleSetInfo(this, packet.InfoText); } @@ -467,6 +491,12 @@ void WorldSession::HandleGuildBankUpdateTab(WorldPackets::Guild::GuildBankUpdate TC_LOG_DEBUG("guild", "CMSG_GUILD_BANK_UPDATE_TAB [%s]: [%s], TabId: %u, Name: %s, Icon: %s" , GetPlayerInfo().c_str(), packet.Banker.ToString().c_str(), packet.BankTab, packet.Name.c_str(), packet.Icon.c_str()); + if (!DisallowHyperlinksAndMaybeKick(packet.Name)) + return; + + if ((packet.Name.size() > 15) || (packet.Icon.size() > 127)) + return; + if (!packet.Name.empty() && !packet.Icon.empty()) if (GetPlayer()->GetGameObjectIfCanInteractWith(packet.Banker, GAMEOBJECT_TYPE_GUILD_BANK)) if (Guild* guild = GetPlayer()->GetGuild()) @@ -493,6 +523,12 @@ void WorldSession::HandleGuildBankSetTabText(WorldPackets::Guild::GuildBankSetTa { TC_LOG_DEBUG("guild", "CMSG_SET_GUILD_BANK_TEXT [%s]: TabId: %u, Text: %s", GetPlayerInfo().c_str(), packet.Tab, packet.TabText.c_str()); + if (!DisallowHyperlinksAndMaybeKick(packet.TabText)) + return; + + if (packet.TabText.size() > 500) + return; + if (Guild* guild = GetPlayer()->GetGuild()) guild->SetBankTabText(packet.Tab, packet.TabText); } @@ -503,6 +539,12 @@ void WorldSession::HandleGuildSetRankPermissions(WorldPackets::Guild::GuildSetRa if (!guild) return; + if (!DisallowHyperlinksAndMaybeKick(packet.RankName)) + return; + + if (packet.RankName.size() > 15) + return; + GuildBankRightsAndSlotsVec rightsAndSlots(GUILD_BANK_MAX_TABS); for (uint8 tabId = 0; tabId < GUILD_BANK_MAX_TABS; ++tabId) rightsAndSlots[tabId] = GuildBankRightsAndSlots(tabId, uint8(packet.TabFlags[tabId]), uint32(packet.TabWithdrawItemLimit[tabId])); diff --git a/src/server/game/Server/WorldSession.cpp b/src/server/game/Server/WorldSession.cpp index 6fac054eea5..3a14cf48785 100644 --- a/src/server/game/Server/WorldSession.cpp +++ b/src/server/game/Server/WorldSession.cpp @@ -689,6 +689,20 @@ bool WorldSession::ValidateHyperlinksAndMaybeKick(std::string const& str) return false; } +bool WorldSession::DisallowHyperlinksAndMaybeKick(std::string const& str) +{ + if (str.find('|') == std::string::npos) + return true; + + TC_LOG_ERROR("network", "Player %s (%s) sent a message which illegally contained a hyperlink:\n%s", GetPlayer()->GetName().c_str(), + GetPlayer()->GetGUID().ToString().c_str(), str.c_str()); + + if (sWorld->getIntConfig(CONFIG_CHAT_STRICT_LINK_CHECKING_KICK)) + KickPlayer(); + + return false; +} + void WorldSession::SendNotification(char const* format, ...) { if (format) diff --git a/src/server/game/Server/WorldSession.h b/src/server/game/Server/WorldSession.h index 3ee0c596980..2e34e817284 100644 --- a/src/server/game/Server/WorldSession.h +++ b/src/server/game/Server/WorldSession.h @@ -1023,6 +1023,9 @@ class TC_GAME_API WorldSession // Returns true if all contained hyperlinks are valid // May kick player on false depending on world config (handler should abort) bool ValidateHyperlinksAndMaybeKick(std::string const& str); + // Returns true if the message contains no hyperlinks + // May kick player on false depending on world config (handler should abort) + bool DisallowHyperlinksAndMaybeKick(std::string const& str); void QueuePacket(WorldPacket* new_packet); bool Update(uint32 diff, PacketFilter& updater); |