fix(core): prevent unsupported-by-client passwords (#1547)

2026-01-30 00:53:46 +00:00 · 2019-03-07 22:20:02 +01:00
parent 0758677578
commit b0d6b6ee70
5 changed files with 18 additions and 1 deletions
--- a/data/sql/updates/pending_db_world/rev_1551539925032805900.sql
+++ b/data/sql/updates/pending_db_world/rev_1551539925032805900.sql
@@ -0,0 +1,8 @@
+INSERT INTO `version_db_world` (`sql_rev`) VALUES ('1551539925032805900');
+
+DELETE FROM `trinity_string` WHERE `entry` = 1031;
+INSERT INTO `trinity_string` (`entry`, `content_default`) VALUES
+(1031, 'An account password can NOT be longer than 16 characters (client limit). Account NOT created.');
+
+UPDATE `trinity_string` SET `content_default` = 'Account name can\'t be longer than 20 characters (client limit), account not created!' WHERE (`entry` = '1005');
+
--- a/src/server/game/Accounts/AccountMgr.cpp
+++ b/src/server/game/Accounts/AccountMgr.cpp
@@ -21,6 +21,9 @@ namespace AccountMgr
        if (utf8length(username) > MAX_ACCOUNT_STR)
            return AOR_NAME_TOO_LONG;                           // username's too long

+        if (utf8length(password) > MAX_PASS_STR)
+            return AccountOpResult::AOR_PASS_TOO_LONG;          // password's too long
+
        normalizeString(username);
        normalizeString(password);

--- a/src/server/game/Accounts/AccountMgr.h
+++ b/src/server/game/Accounts/AccountMgr.h
@@ -21,6 +21,7 @@ enum AccountOpResult
 };

 #define MAX_ACCOUNT_STR 20
+#define MAX_PASS_STR 16

 namespace AccountMgr
 {
--- a/src/server/game/Miscellaneous/Language.h
+++ b/src/server/game/Miscellaneous/Language.h
@@ -876,8 +876,9 @@ enum TrinityStrings
    LANG_SQLDRIVER_QUERY_LOGGING_ENABLED  = 1027,
    LANG_SQLDRIVER_QUERY_LOGGING_DISABLED = 1028,
    // 1029-1030 used in other client versions
-
    // Room for more level 4              1031-1099 not used
+    LANG_ACCOUNT_PASS_TOO_LONG            = 1031,
+

    // Level 3 (continue)
    LANG_ACCOUNT_SETADDON               = 1100,
--- a/src/server/scripts/Commands/cs_account.cpp
+++ b/src/server/scripts/Commands/cs_account.cpp
@@ -113,6 +113,10 @@ public:
            handler->SendSysMessage(LANG_ACCOUNT_TOO_LONG);
            handler->SetSentErrorMessage(true);
            return false;
+        case AOR_PASS_TOO_LONG:
+            handler->SendSysMessage(LANG_ACCOUNT_PASS_TOO_LONG);
+            handler->SetSentErrorMessage(true);
+            return false;
        case AOR_NAME_ALREDY_EXIST:
            handler->SendSysMessage(LANG_ACCOUNT_ALREADY_EXIST);
            handler->SetSentErrorMessage(true);