db: escape async string query inputs

server
2026-04-13 23:00:45 +02:00
parent fce6268129
commit 63dac27b47
5 changed files with 42 additions and 10 deletions


@@ -91,6 +91,7 @@ bool CreateItemTableFromRes(MYSQL_RES * res, std::vector<TPlayerItem> * pVec, DW
size_t CreatePlayerSaveQuery(char * pszQuery, size_t querySize, TPlayerTable * pkTab)
{
size_t queryLen;
const std::string escapedIp = CDBManager::instance().EscapeStringCopy(pkTab->ip, strnlen(pkTab->ip, sizeof(pkTab->ip)));
queryLen = snprintf(pszQuery, querySize,
"UPDATE player%s SET "
@@ -164,7 +165,7 @@ size_t CreatePlayerSaveQuery(char * pszQuery, size_t querySize, TPlayerTable * p
pkTab->skill_point,
pkTab->sub_skill_point,
pkTab->stat_reset_count,
pkTab->ip,
escapedIp.c_str(),
pkTab->parts[PART_MAIN],
pkTab->parts[PART_HAIR],
pkTab->skill_group,
@@ -1206,7 +1207,9 @@ void CClientManager::__RESULT_PLAYER_DELETE(CPeer *peer, SQLMsg* msg)
CDBManager::instance().AsyncQuery(queryStr);
// END_OF_MYSHOP_PRICE_LIST
snprintf(queryStr, sizeof(queryStr), "DELETE FROM messenger_list%s WHERE account='%s' OR companion='%s'", GetTablePostfix(), szName, szName);
const std::string escapedPlayerName = CDBManager::instance().EscapeStringCopy(szName, strnlen(szName, sizeof(szName)));
snprintf(queryStr, sizeof(queryStr), "DELETE FROM messenger_list%s WHERE account='%s' OR companion='%s'",
GetTablePostfix(), escapedPlayerName.c_str(), escapedPlayerName.c_str());
CDBManager::instance().AsyncQuery(queryStr);
peer->EncodeHeader(DG::PLAYER_DELETE_SUCCESS, pi->dwHandle, 1);
@@ -1272,7 +1275,8 @@ void CClientManager::QUERY_REMOVE_AFFECT(CPeer * peer, TPacketGDRemoveAffect * p
void CClientManager::QUERY_HIGHSCORE_REGISTER(CPeer* peer, TPacketGDHighscore * data)
{
char szQuery[128];
snprintf(szQuery, sizeof(szQuery), "SELECT value FROM highscore%s WHERE board='%s' AND pid = %u", GetTablePostfix(), data->szBoard, data->dwPID);
const std::string escapedBoard = CDBManager::instance().EscapeStringCopy(data->szBoard, strnlen(data->szBoard, sizeof(data->szBoard)));
snprintf(szQuery, sizeof(szQuery), "SELECT value FROM highscore%s WHERE board='%s' AND pid = %u", GetTablePostfix(), escapedBoard.c_str(), data->dwPID);
sys_log(0, "GD::HIGHSCORE_REGISTER: PID %u", data->dwPID);
@@ -1293,6 +1297,7 @@ void CClientManager::RESULT_HIGHSCORE_REGISTER(CPeer * pkPeer, SQLMsg * msg)
char szBoard[21];
strlcpy(szBoard, pi->login, sizeof(szBoard));
const std::string escapedBoard = CDBManager::instance().EscapeStringCopy(szBoard, strnlen(szBoard, sizeof(szBoard)));
int value = (int)pi->account_id;
SQLResult * res = msg->Get();
@@ -1301,7 +1306,7 @@ void CClientManager::RESULT_HIGHSCORE_REGISTER(CPeer * pkPeer, SQLMsg * msg)
{
// 새로운 하이스코어를 삽입
char buf[256];
snprintf(buf, sizeof(buf), "INSERT INTO highscore%s VALUES('%s', %u, %d)", GetTablePostfix(), szBoard, pi->player_id, value);
snprintf(buf, sizeof(buf), "INSERT INTO highscore%s VALUES('%s', %u, %d)", GetTablePostfix(), escapedBoard.c_str(), pi->player_id, value);
CDBManager::instance().AsyncQuery(buf);
}
else
@@ -1323,14 +1328,14 @@ void CClientManager::RESULT_HIGHSCORE_REGISTER(CPeer * pkPeer, SQLMsg * msg)
else
{
char buf[256];
snprintf(buf, sizeof(buf), "REPLACE INTO highscore%s VALUES('%s', %u, %d)", GetTablePostfix(), szBoard, pi->player_id, value);
snprintf(buf, sizeof(buf), "REPLACE INTO highscore%s VALUES('%s', %u, %d)", GetTablePostfix(), escapedBoard.c_str(), pi->player_id, value);
CDBManager::instance().AsyncQuery(buf);
}
}
else
{
char buf[256];
snprintf(buf, sizeof(buf), "INSERT INTO highscore%s VALUES('%s', %u, %d)", GetTablePostfix(), szBoard, pi->player_id, value);
snprintf(buf, sizeof(buf), "INSERT INTO highscore%s VALUES('%s', %u, %d)", GetTablePostfix(), escapedBoard.c_str(), pi->player_id, value);
CDBManager::instance().AsyncQuery(buf);
}
}
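Review bot: The `snprintf` into `char szQuery[128]` in QUERY_HIGHSCORE_REGISTER still ignores its return value, and escaping makes this matter more, because an escaped string can be up to twice the length of the raw one on top of the table postfix. If the output is truncated, the cut statement is presumably still sent to the database, where it is either a syntax error or, if the cut lands in the digits, a query against a shortened `pid`. Capture the length and stop on truncation, e.g. `const int len = snprintf(szQuery, sizeof(szQuery), ...);` then `if (len < 0 || static_cast<size_t>(len) >= sizeof(szQuery)) return;`, and apply the same check to the `buf[256]` INSERT/REPLACE statements in RESULT_HIGHSCORE_REGISTER and to `queryStr` in __RESULT_PLAYER_DELETE before `AsyncQuery`. Separately, `strnlen(szName, sizeof(szName))` is only a correct bound if `szName` is a char array; its declaration is outside the hunk, so confirm it is not a pointer, which would cap the escaped name at the pointer size. The bodies of all four functions start or end outside the visible hunks.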