Skip to content
Permalink
Browse files

Character delete patch

Removed an exploit where characters of different accounts could be deleted by a logging account session. Issue pointed out by zera.
  • Loading branch information...
ronancpl committed Mar 21, 2018
1 parent 97da2e2 commit 9f643cc739de4661745d3f0ecd4ac9c60e380905
@@ -17,10 +17,6 @@
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/* NPC Base
Map Name (Map ID)
Extra NPC info.
*/

var status;

@@ -17,10 +17,6 @@
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/* NPC Base
Map Name (Map ID)
Extra NPC info.
*/

var status;

@@ -17,10 +17,6 @@
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/* NPC Base
Map Name (Map ID)
Extra NPC info.
*/

var status;

@@ -2,7 +2,6 @@
NPC: Blocked Entrance (portal?)
MAP: Mushroom Castle - East Castle Tower (106021400)
*/
importPackage(Packages.tools);

var status;

@@ -965,8 +965,37 @@ public Channel getChannelServer(byte channel) {
return Server.getInstance().getChannel(world, channel);
}

private boolean hasCharacter(int cid) throws SQLException {
Connection con = null;
PreparedStatement ps = null;
ResultSet rs = null;

try {
con = DatabaseConnection.getConnection();
ps = con.prepareStatement("SELECT id FROM characters WHERE accountid = ?");
ps.setInt(1, getAccID());

rs = ps.executeQuery();
while (rs.next()) {
if (rs.getInt("id") == cid) {
return true;
}
}
} finally {
if(rs != null && !rs.isClosed()) rs.close();
if(ps != null && !ps.isClosed()) ps.close();
if(con != null && !con.isClosed()) con.close();
}

return false;
}

public boolean deleteCharacter(int cid) {
try {
if(!hasCharacter(cid)) {
return false;
}

return MapleCharacter.deleteCharFromDB(MapleCharacter.loadCharFromDB(cid, this, false));
} catch(SQLException ex) {
ex.printStackTrace();
@@ -34,9 +34,12 @@ public final void handlePacket(SeekableLittleEndianAccessor slea, MapleClient c)
String pic = slea.readMapleAsciiString();
int cid = slea.readInt();
if (c.checkPic(pic)) {
FilePrinter.printError(FilePrinter.DELETED_CHARACTERS + c.getAccountName() + ".txt", c.getAccountName() + " deleted CID: " + cid + "\r\n");
c.announce(MaplePacketCreator.deleteCharResponse(cid, 0));
c.deleteCharacter(cid);
if(c.deleteCharacter(cid)) {
FilePrinter.printError(FilePrinter.DELETED_CHARACTERS + c.getAccountName() + ".txt", c.getAccountName() + " deleted CID: " + cid + "\r\n");
c.announce(MaplePacketCreator.deleteCharResponse(cid, 0));
} else {
c.announce(MaplePacketCreator.deleteCharResponse(cid, 0x14));
}
} else {
c.announce(MaplePacketCreator.deleteCharResponse(cid, 0x14));
}

0 comments on commit 9f643cc

Please sign in to comment.
You can’t perform that action at this time.