From 4dbef34803e7fafa4fc9e699b1602122d941b6d6 Mon Sep 17 00:00:00 2001
From: Kinzcool
Date: Wed, 23 Apr 2014 00:30:17 -0400
Subject: DB/Misc: Fixed some BroadcastText errors
---
sql/updates/world/2014_04_23_03_world_misc.sql | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 sql/updates/world/2014_04_23_03_world_misc.sql
diff --git a/sql/updates/world/2014_04_23_03_world_misc.sql b/sql/updates/world/2014_04_23_03_world_misc.sql
new file mode 100644
index 00000000000..a66bada05d1
--- /dev/null
+++ b/sql/updates/world/2014_04_23_03_world_misc.sql
@@ -0,0 +1,15 @@
+UPDATE `npc_text` SET `BroadcastTextID0`=27076 WHERE `ID`=12946;
+
+UPDATE `gossip_menu_option` SET `OptionBroadcastTextID`=9359 WHERE `menu_id`=5712 AND `id`=0;
+UPDATE `gossip_menu_option` SET `OptionBroadcastTextID`=9359 WHERE `menu_id`=6880 AND `id`=0;
+UPDATE `gossip_menu_option` SET `OptionBroadcastTextID`=18411 WHERE `menu_id`=7139 AND `id`=0;
+UPDATE `gossip_menu_option` SET `OptionBroadcastTextID`=19691 WHERE `menu_id`=8439 AND `id`=0;
+UPDATE `gossip_menu_option` SET `OptionBroadcastTextID`=29539 WHERE `menu_id`=9573 AND `id`=0;
+UPDATE `gossip_menu_option` SET `OptionBroadcastTextID`=29539 WHERE `menu_id`=9574 AND `id`=0;
+
+UPDATE `creature_text` SET `BroadcastTextID`=13099 WHERE `entry`=16063 AND `groupid`=3 AND `id`=0;
+UPDATE `creature_text` SET `BroadcastTextID`=29430 WHERE `entry`=28030 AND `groupid`=0 AND `id`=2;
+UPDATE `creature_text` SET `BroadcastTextID`=35743 WHERE `entry`=34496 AND `groupid`=7 AND `id`=0;
+UPDATE `creature_text` SET `BroadcastTextID`=35743 WHERE `entry`=34497 AND `groupid`=7 AND `id`=0;
+UPDATE `creature_text` SET `BroadcastTextID`=37133 WHERE `entry`=36853 AND `groupid`=8 AND `id`=0;
+UPDATE `creature_text` SET `BroadcastTextID`=38061 WHERE `entry`=37955 AND `groupid`=4 AND `id`=0;
-- cgit v1.2.3
From 3a3c33243614b9aeefd08b85960a915de93bdc44 Mon Sep 17 00:00:00 2001
From: velinath Date: Wed, 23 Apr 2014 08:05:29 -0400 Subject: Correct display of output for .rbac account list command. (thanks Spp-) --- src/server/scripts/Commands/cs_rbac.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/server/scripts/Commands/cs_rbac.cpp b/src/server/scripts/Commands/cs_rbac.cpp index df4ce993433..47fa01837f6 100644 --- a/src/server/scripts/Commands/cs_rbac.cpp +++ b/src/server/scripts/Commands/cs_rbac.cpp @@ -320,7 +320,7 @@ public: handler->PSendSysMessage(LANG_RBAC_LIST_ELEMENT, permission->GetId(), permission->GetName().c_str()); } } - handler->PSendSysMessage(LANG_RBAC_LIST_HEADER_DENIED, command->rbac->GetId(), command->rbac->GetName().c_str()); + handler->PSendSysMessage(LANG_RBAC_LIST_HEADER_BY_SEC_LEVEL, command->rbac->GetId(), command->rbac->GetName().c_str(), command->rbac->GetSecurityLevel()); rbac::RBACPermissionContainer const& defaultPermissions = sAccountMgr->GetRBACDefaultPermissions(command->rbac->GetSecurityLevel()); if (defaultPermissions.empty()) handler->PSendSysMessage("%s", handler->GetTrinityString(LANG_RBAC_LIST_EMPTY)); -- cgit v1.2.3 From 6b42f99540dda13b622fe1653993e3b84709efc7 Mon Sep 17 00:00:00 2001 From: jackpoz Date: Wed, 23 Apr 2014 20:01:20 +0200 Subject: Core/AuctionHouse: Fix AuctionHouse exploit Fix an exploit in Auction House using either CheatEngine or WPE that allowed to sell more items than the Player had in inventory or to crash worldserver. Fixes #11831 Fixes #11928 --- src/server/game/Handlers/AuctionHouseHandler.cpp | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/server/game/Handlers/AuctionHouseHandler.cpp b/src/server/game/Handlers/AuctionHouseHandler.cpp index d9e4feb7f85..86fa0429cce 100644 --- a/src/server/game/Handlers/AuctionHouseHandler.cpp +++ b/src/server/game/Handlers/AuctionHouseHandler.cpp 
@@ -119,7 +119,9 @@ void WorldSession::HandleAuctionSellItem(WorldPacket& recvData) recvData >> itemsCount; uint64 itemGUIDs[MAX_AUCTION_ITEMS]; // 160 slot = 4x 36 slot bag + backpack 16 slot + memset(itemGUIDs, 0, sizeof(itemGUIDs)); uint32 count[MAX_AUCTION_ITEMS]; + memset(count, 0, sizeof(count)); if (itemsCount > MAX_AUCTION_ITEMS) { @@ -187,6 +189,7 @@ void WorldSession::HandleAuctionSellItem(WorldPacket& recvData) Item* items[MAX_AUCTION_ITEMS]; uint32 finalCount = 0; + uint32 itemEntry = 0; for (uint32 i = 0; i < itemsCount; ++i) { @@ -198,9 +201,12 @@ void WorldSession::HandleAuctionSellItem(WorldPacket& recvData) return; } + if (itemEntry == 0) + itemEntry = item->GetTemplate()->ItemId; + if (sAuctionMgr->GetAItem(item->GetGUIDLow()) || !item->CanBeTraded() || item->IsNotEmptyBag() || item->GetTemplate()->Flags & ITEM_PROTO_FLAG_CONJURED || item->GetUInt32Value(ITEM_FIELD_DURATION) || - item->GetCount() < count[i]) + item->GetCount() < count[i] || itemEntry != item->GetTemplate()->ItemId) { SendAuctionCommandResult(0, AUCTION_SELL_ITEM, ERR_AUCTION_DATABASE_ERROR); return; @@ -216,6 +222,19 @@ void WorldSession::HandleAuctionSellItem(WorldPacket& recvData) return; } + // check if there are 2 identical guids, in this case user is most likely cheating + for (uint32 i = 0; i < itemsCount - 1; ++i) + { + for (uint32 j = i + 1; j < itemsCount; ++j) + { + if (itemGUIDs[i] == itemGUIDs[j]) + { + SendAuctionCommandResult(0, AUCTION_SELL_ITEM, ERR_AUCTION_DATABASE_ERROR); + return; + } + } + } + for (uint32 i = 0; i < itemsCount; ++i) { Item* item = items[i]; -- cgit v1.2.3
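Review bot: The two `memset` calls in the `@@ -119` hunk carry no comment saying which later read the zero-fill protects, and the loops visible in this patch only index up to `itemsCount`. If the intent is defence in depth against a slot being read before the packet loop has written it, a short comment such as `// zero-fill: no slot may hold stale stack data if parsing stops early` would record that. As a style matter, the fill can also sit on the declarations as `uint64 itemGUIDs[MAX_AUCTION_ITEMS] = { };` and `uint32 count[MAX_AUCTION_ITEMS] = { };`, which cannot drift from the array type or size. The function body starts and ends outside the hunk, so the packet-read loop itself is not visible here.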
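Review bot: The new `itemEntry != item->GetTemplate()->ItemId` rejection in the `@@ -198` hunk and the duplicate-GUID rejection in the `@@ -216` hunk both answer with `ERR_AUCTION_DATABASE_ERROR` and return without writing anything to the server log. The commit message attributes these conditions to packet tampering, so they are presumably not reachable from an unmodified client. Recording the account id and player GUID on these two paths would let operators tell tampering attempts apart from ordinary failed listings. Folding the entry comparison into the existing long `||` condition also hides which rule failed; a separate `if` with its own comment, for example `// all listed stacks must share one item entry`, would make the check easier to audit. The validation loop continues outside the hunk.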
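Review bot: The outer bound `i < itemsCount - 1` in the duplicate-GUID loop of the `@@ -216` hunk is unsigned arithmetic, so it wraps to 0xFFFFFFFF when `itemsCount` is 0. The inner loop would not execute in that case, so nothing is read out of bounds, but the outer loop would walk the whole `uint32` range unless an earlier check has already returned for an empty list. That earlier check is not visible in this hunk. Writing the bound as `for (uint32 i = 0; i + 1 < itemsCount; ++i)` keeps the same comparisons and removes the dependency on the earlier guard.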