When i add the code to CGuildManager::CreateGuild which fixes sql injection players can create 2 guilds with the same name, are there any fix about it?

xCoRPeR · December 25, 2015

Code:

Spoiler

DWORD CGuildManager::CreateGuild(TGuildCreateParameter& gcp)
{
if (!gcp.master)
return 0;

   if (!check_name(gcp.name))
   {
       gcp.master->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("<길드> 길드 이름이 적합하지 않습니다."));
       return 0;
   }

static char __escape_name[GUILD_NAME_MAX_LEN * 2 + 1];
DBManager::instance().EscapeString(__escape_name, sizeof(__escape_name), static_cast<const char *>(gcp.name), sizeof(gcp.name));

   std::auto_ptr<SQLMsg> pmsg(DBManager::instance().DirectQuery("SELECT COUNT(*) FROM guild%s WHERE name = '%s'",
               get_table_postfix(), __escape_name));

   if (pmsg->Get()->uiNumRows > 0)
   {
       MYSQL_ROW row = mysql_fetch_row(pmsg->Get()->pSQLResult);

       if (!(row[0] && row[0][0] == '0'))
       {
           gcp.master->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("<길드> 이미 같은 이름의 길드가 있습니다."));
           return 0;
       }
   }
   else
   {
       gcp.master->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("<길드> 길드를 생성할 수 없습니다."));
       return 0;
   }

   // new CGuild(gcp) queries guild tables and tell dbcache to notice other game servers.
   // other game server calls CGuildManager::LoadGuild to load guild.
   CGuild * pg = M2_NEW CGuild(gcp);
   m_mapGuild.insert(std::make_pair(pg->GetID(), pg));
   return pg->GetID();
}

Ken · December 25, 2015

Nova's second fix about MakeGuild is useless for me because the system is already checking alpha characters. (check_name). Before implementing the fix, you have to test the SQL injection. If the system does not check the alpha characters, that means you have many SQL injections in the source files.

For example;

pc.change_name (Quest)
CInputLogin::ChangeName() - net.SendChangeCharacterNamePacket()
CInputLogin::CharacterCreate()
horse.set_name()

Kind Regards ~ Ken

BackPlayer · December 26, 2015

how can test my source for sql injections?

xCoRPeR · December 26, 2015

UP ( problem continues )

ds_aim · December 26, 2015

39 minutes ago, xCoRPeR said:

UP ( problem continues )

Man , u are blind?

Ken answered you.

It's not necesarry fix in guild. USE ORIGINAL codes in guild.

You need to fix just messenger_manager. In guild don't work sql injection.

BeHappy4Ever · December 28, 2015

On 26/12/2015 at 1:48 AM, BackPlayer said:

how can test my source for sql injections?

I think Anemus is okay,you can test it via using the exploit -.-

Sign In

When i add the code to CGuildManager::CreateGuild which fixes sql injection players can create 2 guilds with the same name, are there any fix about it?

Recommended Posts

xCoRPeR 21

Link to comment

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Ken 891

Link to comment

Share on other sites

BackPlayer 55

Link to comment

Share on other sites

xCoRPeR 21

Link to comment

Share on other sites

ds_aim 239

Link to comment

Share on other sites

BeHappy4Ever 235

Link to comment

Share on other sites

Please sign in to comment

Announcements

Similar Content

Activity

Recently Browsing

Important Information