db: escape guild reward batch logins

src/db/GuildManager.cpp

@@ -86,6 +86,27 @@ namespace
 		return stmt.Prepare(sql, query.c_str());
 	}
 
+	bool AppendItemAwardValueRow(char* query, size_t querySize, int& queryLen, int rowIndex, const std::string& login, DWORD gold)
+	{
+		const std::string escapedLogin = CDBManager::instance().EscapeStringCopy(login.c_str(), login.size());
+		const int written = snprintf(
+			query + queryLen,
+			querySize - queryLen,
+			rowIndex == 0 ? "('%s', %d, %u, NOW())" : ",('%s', %d, %u, NOW())",
+			escapedLogin.c_str(),
+			ITEM_ELK_VNUM,
+			gold);
+
+		if (written < 0 || static_cast<size_t>(written) >= querySize - queryLen)
+		{
+			sys_err("WAR_REWARD: item_award batch query buffer exhausted");
+			return false;
+		}
+
+		queryLen += written;
+		return true;
+	}
+
 	bool LoadGuildRows(const DWORD* guildId, std::vector<GuildRow>& rows)
 	{
 		CStmt stmt;
@@ -1580,12 +1601,8 @@ void CGuildWarReserve::Draw()
 
 		while (it != mapBet.end())
 		{
-			if (iRow == 0)
-				iLen += snprintf(szQuery + iLen, sizeof(szQuery) - iLen, "('%s', %d, %u, NOW())", 
-						it->first.c_str(), ITEM_ELK_VNUM, it->second.second);
-			else
-				iLen += snprintf(szQuery + iLen, sizeof(szQuery) - iLen, ",('%s', %d, %u, NOW())", 
-						it->first.c_str(), ITEM_ELK_VNUM, it->second.second);
+			if (!AppendItemAwardValueRow(szQuery, sizeof(szQuery), iLen, iRow, it->first, it->second.second))
+				return;
 
 			it++;
 
@@ -1692,12 +1709,8 @@ void CGuildWarReserve::End(int iScoreFrom, int iScoreTo)
 
 			DWORD dwGold = (DWORD) (dwTotalBet * ratio * 0.9);
 
-			if (iRow == 0)
-				iLen += snprintf(szQuery + iLen, sizeof(szQuery) - iLen, "('%s', %d, %u, NOW())",
-						it->first.c_str(), ITEM_ELK_VNUM, dwGold);
-			else
-				iLen += snprintf(szQuery + iLen, sizeof(szQuery) - iLen, ",('%s', %d, %u, NOW())",
-						it->first.c_str(), ITEM_ELK_VNUM, dwGold);
+			if (!AppendItemAwardValueRow(szQuery, sizeof(szQuery), iLen, iRow, it->first, dwGold))
+				return;
 
 			++it;