[11147] Fix a potential exploit with multicast bars - allow place onl…
…y totem spells in these slots

Signed-off-by: Ambal <pogrebniak@gala.net>
nos4r2zod authored and Ambal committed Feb 12, 2011
1 parent dada025 commit 16c459d
Showing 4 changed files with 64 additions and 9 deletions.
6 changes: 3 additions & 3 deletions src/game/DBCStructure.h
@@ -1434,9 +1434,9 @@ struct SpellEntry
uint32 AttributesEx6; // 10 m_attributesExF
uint32 AttributesEx7; // 11 m_attributesExG (0x20 - totems, 0x4 - paladin auras, etc...)
uint32 Stances; // 12 m_shapeshiftMask
// uint32 unk_320_2; // 13 3.2.0
// uint32 unk_320_1; // 13 3.2.0
uint32 StancesNot; // 14 m_shapeshiftExclude
// uint32 unk_320_3; // 15 3.2.0
// uint32 unk_320_2; // 15 3.2.0
uint32 Targets; // 16 m_targets
uint32 TargetCreatureType; // 17 m_targetCreatureType
uint32 RequiresSpellFocus; // 18 m_requiresSpellFocus
@@ -1530,7 +1530,7 @@ struct SpellEntry
uint32 runeCostID; // 226 m_runeCostID
//uint32 spellMissileID; // 227 m_spellMissileID not used
//uint32 PowerDisplayId; // 228 m_powerDisplayID - id from PowerDisplay.dbc, new in 3.1
//float unk_320_4[3]; // 229-231 3.2.0
//float unk_320_3[3]; // 229-231 3.2.0
//uint32 spellDescriptionVariableID; // 232 m_spellDescriptionVariableID, 3.2.0
uint32 SpellDifficultyId; // 233 m_spellDifficultyID - id from SpellDifficulty.dbc

32 changes: 27 additions & 5 deletions src/game/Player.cpp
@@ -5988,7 +5988,9 @@ bool Player::IsActionButtonDataValid(uint8 button, uint32 action, uint8 type, Pl
switch(type)
{
case ACTION_BUTTON_SPELL:
if(!sSpellStore.LookupEntry(action))
{
SpellEntry const* spellProto = sSpellStore.LookupEntry(action);
if(!spellProto)
{
if (msg)
{
@@ -6000,14 +6002,33 @@ bool Player::IsActionButtonDataValid(uint8 button, uint32 action, uint8 type, Pl
return false;
}

if(player && !player->HasSpell(action))
if(player)
{
if (msg)
sLog.outError( "Spell action %u not added into button %u for player %s: player don't known this spell", action, button, player->GetName() );
return false;
if(!player->HasSpell(spellProto->Id))
{
if (msg)
sLog.outError( "Spell action %u not added into button %u for player %s: player don't known this spell", action, button, player->GetName() );
return false;
}
else if(IsPassiveSpell(spellProto))
{
if (msg)
sLog.outError( "Spell action %u not added into button %u for player %s: spell is passive", action, button, player->GetName() );
return false;
}
// current range for button of totem bar is from ACTION_BUTTON_SHAMAN_TOTEMS_BAR to (but not including) ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12
else if(button >= ACTION_BUTTON_SHAMAN_TOTEMS_BAR && button < (ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12)
&& !(spellProto->AttributesEx7 & SPELL_ATTR_EX7_TOTEM_SPELL))
{
if (msg)
sLog.outError( "Spell action %u not added into button %u for player %s: attempt to add non totem spell to totem bar", action, button, player->GetName() );
return false;
}
}
break;
}
case ACTION_BUTTON_ITEM:
{
if(!ObjectMgr::GetItemPrototype(action))
{
if (msg)
@@ -6020,6 +6041,7 @@ bool Player::IsActionButtonDataValid(uint8 button, uint32 action, uint8 type, Pl
return false;
}
break;
}
default:
break; // other cases not checked at this moment
}
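Review bot: The totem-bar restriction added in the `ACTION_BUTTON_SPELL` case only fires for spell-type buttons, so the `ACTION_BUTTON_ITEM` case and the `default:` branch (commented "other cases not checked at this moment") still accept any action in slots `ACTION_BUTTON_SHAMAN_TOTEMS_BAR` up to `ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12`, which does not match the commit's stated rule that only totem spells may be placed there. If no other button type is legitimate in that range, a guard ahead of the `switch` such as `if (button >= ACTION_BUTTON_SHAMAN_TOTEMS_BAR && button < ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12 && type != ACTION_BUTTON_SPELL) return false;` would close that. The passive-spell and totem-bar checks also sit inside `if(player)`, so a call with a null `player` skips them although neither depends on player state beyond the log text. The literal `12` would be easier to keep in step with the bar layout as a named constant defined next to `ACTION_BUTTON_SHAMAN_TOTEMS_BAR`. The function begins before the first hunk and its tail lies outside the last one, so any re-check at the point where these slots are read is not visible here.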
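--- a/src/game/SharedDefines.h
+++ b/src/game/SharedDefines.h
@@ -462,6 +462,39 @@ const uint32 ItemQualityColors[MAX_ITEM_QUALITY] = {
 #define SPELL_ATTR_EX6_UNK30 0x40000000 // 30 not set in 3.0.3
 #define SPELL_ATTR_EX6_UNK31 0x80000000 // 31 not set in 3.0.3
 
+#define SPELL_ATTR_EX7_UNK0 0x00000001 // 0
+#define SPELL_ATTR_EX7_UNK1 0x00000002 // 1
+#define SPELL_ATTR_EX7_PALADIN_AURA 0x00000004 // 2
+#define SPELL_ATTR_EX7_UNK3 0x00000008 // 3
+#define SPELL_ATTR_EX7_UNK4 0x00000010 // 4
+#define SPELL_ATTR_EX7_TOTEM_SPELL 0x00000020 // 5 shaman summon totem spells
+#define SPELL_ATTR_EX7_UNK6 0x00000040 // 6
+#define SPELL_ATTR_EX7_UNK7 0x00000080 // 7
+#define SPELL_ATTR_EX7_UNK8 0x00000100 // 8
+#define SPELL_ATTR_EX7_UNK9 0x00000200 // 9
+#define SPELL_ATTR_EX7_UNK10 0x00000400 // 10
+#define SPELL_ATTR_EX7_UNK11 0x00000800 // 11
+#define SPELL_ATTR_EX7_UNK12 0x00001000 // 12
+#define SPELL_ATTR_EX7_UNK13 0x00002000 // 13
+#define SPELL_ATTR_EX7_UNK14 0x00004000 // 14
+#define SPELL_ATTR_EX7_UNK15 0x00008000 // 15
+#define SPELL_ATTR_EX7_UNK16 0x00010000 // 16
+#define SPELL_ATTR_EX7_UNK17 0x00020000 // 17
+#define SPELL_ATTR_EX7_UNK18 0x00040000 // 18
+#define SPELL_ATTR_EX7_UNK19 0x00080000 // 19
+#define SPELL_ATTR_EX7_UNK20 0x00100000 // 20
+#define SPELL_ATTR_EX7_UNK21 0x00200000 // 21
+#define SPELL_ATTR_EX7_UNK22 0x00400000 // 22
+#define SPELL_ATTR_EX7_UNK23 0x00800000 // 23
+#define SPELL_ATTR_EX7_UNK24 0x01000000 // 24
+#define SPELL_ATTR_EX7_UNK25 0x02000000 // 25
+#define SPELL_ATTR_EX7_UNK26 0x04000000 // 26
+#define SPELL_ATTR_EX7_UNK27 0x08000000 // 27
+#define SPELL_ATTR_EX7_UNK28 0x10000000 // 28
+#define SPELL_ATTR_EX7_UNK29 0x20000000 // 29
+#define SPELL_ATTR_EX7_UNK30 0x40000000 // 30
+#define SPELL_ATTR_EX7_UNK31 0x80000000 // 31
+
 #define MAX_TALENT_SPEC_COUNT 2
 #define MAX_GLYPH_SLOT_INDEX 6
 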
2 changes: 1 addition & 1 deletion src/shared/revision_nr.h
@@ -1,4 +1,4 @@
#ifndef __REVISION_NR_H__
#define __REVISION_NR_H__
#define REVISION_NR "11146"
#define REVISION_NR "11147"
#endif // __REVISION_NR_H__
