aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/server/authserver/Server/AuthSocket.cpp13
-rw-r--r--src/server/game/Spells/Spell.cpp2
2 files changed, 14 insertions, 1 deletions
diff --git a/src/server/authserver/Server/AuthSocket.cpp b/src/server/authserver/Server/AuthSocket.cpp
index 1ab9ae6eb62..4a9d3ce7faf 100644
--- a/src/server/authserver/Server/AuthSocket.cpp
+++ b/src/server/authserver/Server/AuthSocket.cpp
@@ -222,12 +222,25 @@ void AuthSocket::OnClose(void)
// Read the packet from the client
void AuthSocket::OnRead()
{
+ #define MAX_AUTH_LOGON_CHALLENGES_IN_A_ROW 3
+ uint32 challengesInARow = 0;
uint8 _cmd;
while (1)
{
if (!socket().recv_soft((char *)&_cmd, 1))
return;
+ if (_cmd == AUTH_LOGON_CHALLENGE)
+ {
+ ++challengesInARow;
+ if (challengesInARow == MAX_AUTH_LOGON_CHALLENGES_IN_A_ROW)
+ {
+ TC_LOG_WARN(LOG_FILTER_AUTHSERVER, "Got %u AUTH_LOGON_CHALLENGE in a row from '%s', possible ongoing DoS", challengesInARow, socket().getRemoteAddress().c_str());
+ socket().shutdown();
+ return;
+ }
+ }
+
size_t i;
// Circle through known commands and call the correct command handler
diff --git a/src/server/game/Spells/Spell.cpp b/src/server/game/Spells/Spell.cpp
index 804a7f25a12..5f0b0135f58 100644
--- a/src/server/game/Spells/Spell.cpp
+++ b/src/server/game/Spells/Spell.cpp
@@ -5325,7 +5325,7 @@ SpellCastResult Spell::CheckCast(bool strict)
if (!m_caster->GetTarget())
return SPELL_FAILED_BAD_TARGETS;
- Player* target = m_caster->ToPlayer()->GetSelectedPlayer();
+ Player* target = ObjectAccessor::FindPlayer(m_caster->ToPlayer()->GetTarget());
if (!target || m_caster->ToPlayer() == target || (!target->IsInSameRaidWith(m_caster->ToPlayer()) && m_spellInfo->Id != 48955)) // refer-a-friend spell
return SPELL_FAILED_BAD_TARGETS;