Jump to content
×
×
  • Create New...
  • 0

When i add the code to CGuildManager::CreateGuild which fixes sql injection players can create 2 guilds with the same name, are there any fix about it?

xCoRPeR

Asked by xCoRPeR,

 Share

Question

xCoRPeR Enthusiast

xCoRPeR 19

Posted
Posted
When i add the code to CGuildManager::CreateGuild which fixes sql injection players can create 2 guilds with the same name, are there any fix about it?

 

Spoiler

DWORD CGuildManager::CreateGuild(TGuildCreateParameter& gcp)
{
    if (!gcp.master)
        return 0;

    if (!check_name(gcp.name))
    {
        gcp.master->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("<길드> 길드 이름이 적합하지 않습니다."));
        return 0;
    }
    
    static char __escape_name[GUILD_NAME_MAX_LEN * 2 + 1];
    DBManager::instance().EscapeString(__escape_name, sizeof(__escape_name), static_cast<const char *>(gcp.name), sizeof(gcp.name));
    
    std::auto_ptr<SQLMsg> pmsg(DBManager::instance().DirectQuery("SELECT COUNT(*) FROM guild%s WHERE name = '%s'",
                get_table_postfix(), __escape_name));

    if (pmsg->Get()->uiNumRows > 0)
    {
        MYSQL_ROW row = mysql_fetch_row(pmsg->Get()->pSQLResult);

        if (!(row[0] && row[0][0] == '0'))
        {
            gcp.master->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("<길드> 이미 같은 이름의 길드가 있습니다."));
            return 0;
        }
    }
    else
    {
        gcp.master->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("<길드> 길드를 생성할 수 없습니다."));
        return 0;
    }

    // new CGuild(gcp) queries guild tables and tell dbcache to notice other game servers.
    // other game server calls CGuildManager::LoadGuild to load guild.
    CGuild * pg = M2_NEW CGuild(gcp);
    m_mapGuild.insert(std::make_pair(pg->GetID(), pg));
    return pg->GetID();
}

 

Link to comment
Share on other sites
  • Answers 4
  • Created
  • Last Reply

Top Posters For This Question

Popular Days

Top Posters For This Question

Popular Days

4 answers to this question

Recommended Posts

  • 0
  • Premium
Unknown Enthusiast

Unknown 9

Posted
  • Premium
Posted

Hello,

 

In this line :

13 hours ago, xCoRPeR said:

    DBManager::instance().EscapeString(__escape_name, sizeof(__escape_name), static_cast<const char *>(gcp.name), sizeof(gcp.name));

Replace sizeof(gpc.name) by strlen(gpc.name) and static_cast<const char *>(gcp.name) by gpc.name.

 

Tested and worked.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to question listing


Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept