From 9adb955f2a0416961d43d7b355834a90e46a3786 Mon Sep 17 00:00:00 2001
From: nos4r2zod
Date: Sat, 12 Feb 2011 17:02:12 +0200
Subject: [PATCH] [11147] Fix a potential exploit with multicast bars - allow place only totem spells in these slots
Signed-off-by: Ambal
---
 src/game/DBCStructure.h | 6 +++---
 src/game/Player.cpp | 32 +++++++++++++++++++++++++++-----
 src/game/SharedDefines.h | 33 +++++++++++++++++++++++++++++++++
 src/shared/revision_nr.h | 2 +-
 4 files changed, 64 insertions(+), 9 deletions(-)
diff --git a/src/game/DBCStructure.h b/src/game/DBCStructure.h
index 9948032f1..2b98d66eb 100644
--- a/src/game/DBCStructure.h
+++ b/src/game/DBCStructure.h
@@ -1434,9 +1434,9 @@ struct SpellEntry
 uint32 AttributesEx6; // 10 m_attributesExF
 uint32 AttributesEx7; // 11 m_attributesExG (0x20 - totems, 0x4 - paladin auras, etc...)
 uint32 Stances; // 12 m_shapeshiftMask
- // uint32 unk_320_2; // 13 3.2.0
+ // uint32 unk_320_1; // 13 3.2.0
 uint32 StancesNot; // 14 m_shapeshiftExclude
- // uint32 unk_320_3; // 15 3.2.0
+ // uint32 unk_320_2; // 15 3.2.0
 uint32 Targets; // 16 m_targets
 uint32 TargetCreatureType; // 17 m_targetCreatureType
 uint32 RequiresSpellFocus; // 18 m_requiresSpellFocus
@@ -1530,7 +1530,7 @@ struct SpellEntry
 uint32 runeCostID; // 226 m_runeCostID
 //uint32 spellMissileID; // 227 m_spellMissileID not used
 //uint32 PowerDisplayId; // 228 m_powerDisplayID - id from PowerDisplay.dbc, new in 3.1
- //float unk_320_4[3]; // 229-231 3.2.0
+ //float unk_320_3[3]; // 229-231 3.2.0
 //uint32 spellDescriptionVariableID; // 232 m_spellDescriptionVariableID, 3.2.0
 uint32 SpellDifficultyId; // 233 m_spellDifficultyID - id from SpellDifficulty.dbc
diff --git a/src/game/Player.cpp b/src/game/Player.cpp
index ba6985448..39c943205 100644
--- a/src/game/Player.cpp
+++ b/src/game/Player.cpp
@@ -5988,7 +5988,9 @@ bool Player::IsActionButtonDataValid(uint8 button, uint32 action, uint8 type, Pl
 switch(type)
 {
 case ACTION_BUTTON_SPELL:
- if(!sSpellStore.LookupEntry(action))
+ {
+ SpellEntry const* spellProto = sSpellStore.LookupEntry(action);
+ if(!spellProto)
 {
 if (msg)
 {
@@ -6000,14 +6002,33 @@ bool Player::IsActionButtonDataValid(uint8 button, uint32 action, uint8 type, Pl
 return false;
 }
- if(player && !player->HasSpell(action))
+ if(player)
 {
- if (msg)
- sLog.outError( "Spell action %u not added into button %u for player %s: player don't known this spell", action, button, player->GetName() );
- return false;
+ if(!player->HasSpell(spellProto->Id))
+ {
+ if (msg)
+ sLog.outError( "Spell action %u not added into button %u for player %s: player don't known this spell", action, button, player->GetName() );
+ return false;
+ }
+ else if(IsPassiveSpell(spellProto))
+ {
+ if (msg)
+ sLog.outError( "Spell action %u not added into button %u for player %s: spell is passive", action, button, player->GetName() );
+ return false;
+ }
+ // current range for button of totem bar is from ACTION_BUTTON_SHAMAN_TOTEMS_BAR to (but not including) ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12
+ else if(button >= ACTION_BUTTON_SHAMAN_TOTEMS_BAR && button < (ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12)
+ && !(spellProto->AttributesEx7 & SPELL_ATTR_EX7_TOTEM_SPELL))
+ {
+ if (msg)
+ sLog.outError( "Spell action %u not added into button %u for player %s: attempt to add non totem spell to totem bar", action, button, player->GetName() );
+ return false;
+ }
 }
 break;
+ }
 case ACTION_BUTTON_ITEM:
+ {
 if(!ObjectMgr::GetItemPrototype(action))
 {
 if (msg)
@@ -6020,6 +6041,7 @@ bool Player::IsActionButtonDataValid(uint8 button, uint32 action, uint8 type, Pl
 return false;
 }
 break;
+ }
 default:
 break; // other cases not checked at this moment
 }
diff --git a/src/game/SharedDefines.h b/src/game/SharedDefines.h
index 32cd0d35e..42ab3e51f 100644
--- a/src/game/SharedDefines.h
+++ b/src/game/SharedDefines.h
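Review bot: The totem-bar slot restriction added in the second Player.cpp hunk is enforced only inside `case ACTION_BUTTON_SPELL:`, so a button in the ACTION_BUTTON_SHAMAN_TOTEMS_BAR range with any other type never reaches it; `ACTION_BUTTON_ITEM` validates only the item, and the third hunk shows `default: break; // other cases not checked at this moment`. If those slots must hold totem spells only, as the commit subject says, reject the other types ahead of the switch, e.g. `if (button >= ACTION_BUTTON_SHAMAN_TOTEMS_BAR && button < (ACTION_BUTTON_SHAMAN_TOTEMS_BAR + 12) && type != ACTION_BUTTON_SPELL) return false;`, with the same `msg`-guarded log line as the other rejections. The passive-spell and totem checks also sit under `if(player)` although they read `player` only for the log message, so a call with a null player skips them; whether that is intended is not visible from these hunks. The literal `12` appears twice in the new lines and would be easier to keep correct as a named constant defined beside ACTION_BUTTON_SHAMAN_TOTEMS_BAR. IsActionButtonDataValid starts and ends outside the hunks shown.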
@@ -462,6 +462,39 @@ const uint32 ItemQualityColors[MAX_ITEM_QUALITY] = {
 #define SPELL_ATTR_EX6_UNK30 0x40000000 // 30 not set in 3.0.3
 #define SPELL_ATTR_EX6_UNK31 0x80000000 // 31 not set in 3.0.3
+#define SPELL_ATTR_EX7_UNK0 0x00000001 // 0
+#define SPELL_ATTR_EX7_UNK1 0x00000002 // 1
+#define SPELL_ATTR_EX7_PALADIN_AURA 0x00000004 // 2
+#define SPELL_ATTR_EX7_UNK3 0x00000008 // 3
+#define SPELL_ATTR_EX7_UNK4 0x00000010 // 4
+#define SPELL_ATTR_EX7_TOTEM_SPELL 0x00000020 // 5 shaman summon totem spells
+#define SPELL_ATTR_EX7_UNK6 0x00000040 // 6
+#define SPELL_ATTR_EX7_UNK7 0x00000080 // 7
+#define SPELL_ATTR_EX7_UNK8 0x00000100 // 8
+#define SPELL_ATTR_EX7_UNK9 0x00000200 // 9
+#define SPELL_ATTR_EX7_UNK10 0x00000400 // 10
+#define SPELL_ATTR_EX7_UNK11 0x00000800 // 11
+#define SPELL_ATTR_EX7_UNK12 0x00001000 // 12
+#define SPELL_ATTR_EX7_UNK13 0x00002000 // 13
+#define SPELL_ATTR_EX7_UNK14 0x00004000 // 14
+#define SPELL_ATTR_EX7_UNK15 0x00008000 // 15
+#define SPELL_ATTR_EX7_UNK16 0x00010000 // 16
+#define SPELL_ATTR_EX7_UNK17 0x00020000 // 17
+#define SPELL_ATTR_EX7_UNK18 0x00040000 // 18
+#define SPELL_ATTR_EX7_UNK19 0x00080000 // 19
+#define SPELL_ATTR_EX7_UNK20 0x00100000 // 20
+#define SPELL_ATTR_EX7_UNK21 0x00200000 // 21
+#define SPELL_ATTR_EX7_UNK22 0x00400000 // 22
+#define SPELL_ATTR_EX7_UNK23 0x00800000 // 23
+#define SPELL_ATTR_EX7_UNK24 0x01000000 // 24
+#define SPELL_ATTR_EX7_UNK25 0x02000000 // 25
+#define SPELL_ATTR_EX7_UNK26 0x04000000 // 26
+#define SPELL_ATTR_EX7_UNK27 0x08000000 // 27
+#define SPELL_ATTR_EX7_UNK28 0x10000000 // 28
+#define SPELL_ATTR_EX7_UNK29 0x20000000 // 29
+#define SPELL_ATTR_EX7_UNK30 0x40000000 // 30
+#define SPELL_ATTR_EX7_UNK31 0x80000000 // 31
+
 #define MAX_TALENT_SPEC_COUNT 2
 #define MAX_GLYPH_SLOT_INDEX 6
diff --git a/src/shared/revision_nr.h b/src/shared/revision_nr.h
index 92af9ea23..0ea56a4b7 100644
--- a/src/shared/revision_nr.h
+++ b/src/shared/revision_nr.h
@@ -1,4 +1,4 @@
 #ifndef __REVISION_NR_H__
 #define __REVISION_NR_H__
- #define REVISION_NR "11146"
+ #define REVISION_NR "11147"
 #endif // __REVISION_NR_H__