From 82181a8622f9a6981f9649b8ea99dd94d2184d11 Mon Sep 17 00:00:00 2001
From: jackpoz <giacomopoz@gmail.com>
Date: Wed, 1 Jan 2014 21:42:15 +0100
Subject: Core/Loot: Fix Master Loot exploit

Fix Master Loot exploit allowing any online Player to receive loot.
---
 src/server/game/Handlers/LootHandler.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src')

diff --git a/src/server/game/Handlers/LootHandler.cpp b/src/server/game/Handlers/LootHandler.cpp
index 72b05b2d78c..4fd912298ec 100644
--- a/src/server/game/Handlers/LootHandler.cpp
+++ b/src/server/game/Handlers/LootHandler.cpp
@@ -419,6 +419,13 @@ void WorldSession::HandleLootMasterGiveOpcode(WorldPacket& recvData)
     if (_player->GetLootGUID() != lootguid)
         return;
 
+    if (!_player->IsInRaidWith(target) || !_player->IsInMap(target))
+    {
+        TC_LOG_INFO("loot", "MasterLootItem: Player %s tried to give an item to ineligible player %s !", GetPlayer()->GetName().c_str(), target->GetName().c_str());
+        return;
+    }
+
+
     Loot* loot = NULL;
 
     if (IS_CRE_OR_VEH_GUID(GetPlayer()->GetLootGUID()))
-- 
cgit v1.2.3