ElderShell/EverWrath
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(Core/Commands): Item duplication exploit (#9650)

Browse source
This commit is contained in:
Noxies 2021-12-11 17:21:07 +01:00 committed by GitHub
parent 41e19b8bb5
commit 5ec50ac119
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/server/database/Database/Implementation/CharacterDatabase.cpp
View file

@ -593,7 +593,7 @@ void CharacterDatabaseConnection::DoPrepareStatements()
// Recovery Item
PrepareStatement(CHAR_INS_RECOVERY_ITEM, "INSERT INTO recovery_item (Guid, ItemEntry, Count) VALUES (?, ?, ?)", CONNECTION_SYNCH);
PrepareStatement(CHAR_SEL_RECOVERY_ITEM, "SELECT id, itemEntry, Count FROM recovery_item WHERE id = ?", CONNECTION_SYNCH);
PrepareStatement(CHAR_SEL_RECOVERY_ITEM, "SELECT id, itemEntry, Count, Guid FROM recovery_item WHERE id = ?", CONNECTION_SYNCH);
PrepareStatement(CHAR_SEL_RECOVERY_ITEM_LIST, "SELECT id, itemEntry, Count FROM recovery_item WHERE Guid = ? ORDER BY id DESC", CONNECTION_SYNCH);
PrepareStatement(CHAR_DEL_RECOVERY_ITEM, "DELETE FROM recovery_item WHERE Guid = ? AND ItemEntry = ? AND Count = ? ORDER BY Id DESC LIMIT 1", CONNECTION_ASYNC);
PrepareStatement(CHAR_DEL_RECOVERY_ITEM_BY_RECOVERY_ID, "DELETE FROM recovery_item WHERE id = ?", CONNECTION_ASYNC);

2
src/server/scripts/Commands/cs_item.cpp
View file

@ -75,7 +75,7 @@ public:
stmt->setUInt32(0, restoreId);
PreparedQueryResult fields = CharacterDatabase.Query(stmt);
if (!fields || !(*fields)[1].GetUInt32())
if (!fields || !(*fields)[1].GetUInt32() || (*fields)[3].GetUInt32() != player.GetGUID().GetCounter())
{
handler->SendSysMessage(LANG_ITEM_RESTORE_MISSING);
handler->SetSentErrorMessage(true);