[8848] Fixed bidding on auctions below starting bid

This was possible by using cheating tools only; the client denies such actions without sending CMSG_AUCTION_PLACE_BID. Thanks to leak for reporting this vulnerability.
mangos · Nov 20, 2009 · 8810098 · 8810098
1 parent f4a3b1f
commit 8810098
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/game/AuctionHouseHandler.cpp b/src/game/AuctionHouseHandler.cpp
@@ -323,7 +323,7 @@ void WorldSession::HandleAuctionPlaceBid( WorldPacket & recv_data )
     }
 
     // cheating
-    if(price <= auction->bid)
+    if(price <= auction->bid || price < auction->startbid)
         return;
 
     // price too low for next bid if not buyout

diff --git a/src/shared/revision_nr.h b/src/shared/revision_nr.h
@@ -1,4 +1,4 @@
 #ifndef __REVISION_NR_H__
 #define __REVISION_NR_H__
- #define REVISION_NR "8847"
+ #define REVISION_NR "8848"
 #endif // __REVISION_NR_H__