fixed again

vending, trade....

git-svn-id: https://svn.code.sf.net/p/rathena/svn/athena@301 54d463be-8e91-2dee-dedb-b68131a5f0ec

Changelog.txt

@@ -1,5 +1,6 @@
 Date	Added
 11/21
+	* Re-Fixed Trade/Vending exploit [Lupus]
 	* Fixed @whozeny. [Valaris]
 	* Added rest of mapflags to const.txt. [Valaris]
 	* Closed AFM files after reading, this fixed the improper char-server session #. [Valaris]

src/map/trade.c

@@ -96,8 +96,10 @@ void trade_tradeadditem(struct map_session_data *sd, int index, int amount)
 					sd->deal_zeny = amount;
 					clif_tradeadditem(sd, target_sd, 0, amount);
 				} else {
-					trade_tradecancel(sd);
-					return;
+					if (amount != 0) {
+						trade_tradecancel(sd);
+						return;
+					}
 				}
 			}
 		} else if (amount > 0 && amount <= sd->status.inventory[index-2].amount) {
@@ -128,7 +130,6 @@ void trade_tradeadditem(struct map_session_data *sd, int index, int amount)
 	}
 }
 
-
 /*==========================================
  * ƒAƒCƒeƒ€’ljÁŠ®—¹(ok‰Ÿ‚µ)
  *------------------------------------------

src/map/vending.c

@@ -48,86 +48,80 @@ void vending_vendinglistreq(struct map_session_data *sd,int id)
  */
 void vending_purchasereq(struct map_session_data *sd,int len,int id,unsigned char *p)
 {
-	int i,j,w,z,new=0,blank,vend_list[12];
-	short amount,index;
-	struct map_session_data *vsd=map_id2sd(id);
+	int i, j, w, z, new = 0, blank, vend_list[12];
+	short amount, index;
+	struct map_session_data *vsd = map_id2sd(id);
 
 	nullpo_retv(sd);
 
-	blank=pc_inventoryblank(sd);
+	blank = pc_inventoryblank(sd);
 
-	if(vsd==NULL)
+	if (vsd == NULL)
 		return;
-	if(vsd->vender_id==0)
+	if (vsd->vender_id == 0)
 		return;
-	if(vsd->vender_id==sd->bl.id)
+	if (vsd->vender_id == sd->bl.id)
 		return;
-	for(i=0,w=z=0;8+4*i<len;i++){
-		amount=*(short*)(p+4*i);
-		index=*(short*)(p+2+4*i)-2;
-/*
-		if(amount < 0) return;	//add
-		for(j=0;j<vsd->vend_num;j++)
-			if(0<vsd->vending[j].amount && amount<=vsd->vending[j].amount && vsd->vending[j].index==index)
+	for(i = 0, w = z = 0; 8 + 4 * i < len; i++) {
+		amount = *(short*)(p + 4 * i);
+		index = *(short*)(p + 2 + 4 * i) - 2;
+
+		if (amount < 0) return; // exploit
+/*		for(j = 0; j < vsd->vend_num; j++)
+			if (0 < vsd->vending[j].amount && amount <= vsd->vending[j].amount && vsd->vending[j].index == index)
 				break;
 */
 //ADD_start
-		for(j=0;j < vsd->vend_num;j++) {
-			if(0 < vsd->vending[j].amount && vsd->vending[j].index==index) {
-				if(amount > vsd->vending[j].amount || amount <= 0) {
-					clif_buyvending(sd,index,vsd->vending[j].amount,4);
+		for(j = 0; j < vsd->vend_num; j++) {
+			if (0 < vsd->vending[j].amount && vsd->vending[j].index == index) {
+				if (amount > vsd->vending[j].amount || amount <= 0) {
+					clif_buyvending(sd,index,vsd->vending[j].amount, 4);
 					return;
 				}
-				if(amount <= vsd->vending[j].amount) break;
+				if (amount <= vsd->vending[j].amount) break;
 			}
 		}
 //ADD_end
-		if(j==vsd->vend_num)
-			return;	// 売り切れ
-		vend_list[i]=j;
-		z+=vsd->vending[j].value*amount;
-		if(z > sd->status.zeny){
-			clif_buyvending(sd,index,amount,1);
-			return;	// zeny不足
+		if (j == vsd->vend_num)
+			return; // 売り切れ
+		vend_list[i] = j;
+		z += vsd->vending[j].value * amount;
+		if (z > sd->status.zeny){
+			clif_buyvending(sd, index, amount, 1);
+			return; // zeny不足
 		}
-		w+=itemdb_weight(vsd->status.cart[index].nameid)*amount;
-		if(w+sd->weight > sd->max_weight){
-			clif_buyvending(sd,index,amount,2);
-			return;	// 重量超過
+		w += itemdb_weight(vsd->status.cart[index].nameid) * amount;
+		if (w + sd->weight > sd->max_weight) {
+			clif_buyvending(sd, index, amount, 2);
+			return; // 重量超過
 		}
-		switch(pc_checkadditem(sd,vsd->status.cart[index].nameid,amount)){
+		switch(pc_checkadditem(sd, vsd->status.cart[index].nameid, amount)) {
 		case ADDITEM_EXIST:
 			break;
 		case ADDITEM_NEW:
 			new++;
-			if(new > blank)
+			if (new > blank)
 				return;	// 種類数超過
 			break;
 		case ADDITEM_OVERAMOUNT:
-			return;	// アイテム数超過
+			return; // アイテム数超過
 		}
 	}
-		if(z < 0 || z > MAX_ZENY){  //Zeny Bug Fixed by Darkchild
+	if (z < 0 || z > MAX_ZENY) { // Zeny Bug Fixed by Darkchild
 		clif_tradecancelled(sd);
 		clif_tradecancelled(vsd);
 		return;
 	}
-	pc_payzeny(sd,z);
-	pc_getzeny(vsd,z);
-	for(i=0;8+4*i<len;i++){
-		amount=*(short*)(p+4*i);
-		index=*(short*)(p+2+4*i)-2;
-		if(amount < 0) break;	//add
+	pc_payzeny(sd, z);
+	pc_getzeny(vsd, z);
+	for(i = 0; 8 + 4 * i < len; i++) {
+		amount = *(short*)(p + 4 *i);
+		index = *(short*)(p + 2 + 4 * i) - 2;
+		//if (amount < 0) break; // tested at start of the function
 		pc_additem(sd,&vsd->status.cart[index],amount);
-
-		#ifndef TXT_ONLY
-		if(log_config.vend > 0)
-			log_vend(vsd,sd,index,amount,z);
-		#endif
-
-		vsd->vending[vend_list[i]].amount-=amount;
-		pc_cart_delitem(vsd,index,amount,0);
-		clif_vendingreport(vsd,index,amount);
+		vsd->vending[vend_list[i]].amount -= amount;
+		pc_cart_delitem(vsd, index, amount, 0);
+		clif_vendingreport(vsd, index, amount);
 	}
 }
 
@@ -146,25 +140,25 @@ void vending_openvending(struct map_session_data *sd,int len,char *message,int f
 		return;
 	}
 
-	if(flag){
-		for(i=0;85+8*i<len;i++){
-			sd->vending[i].index=*(short*)(p+8*i)-2;
-			sd->vending[i].amount=*(short*)(p+2+8*i);
-			sd->vending[i].value=*(int*)(p+4+8*i);
+	if (flag) {
+		for(i = 0; 85 + 8 * i < len; i++) {
+			sd->vending[i].index = *(short*)(p+8*i)-2;
+			sd->vending[i].amount = *(short*)(p+2+8*i);
+			sd->vending[i].value = *(int*)(p+4+8*i);
 			if(sd->vending[i].value>battle_config.vending_max_value)sd->vending[i].value=battle_config.vending_max_value;
 			// カート内のアイテム数と販売するアイテム数に相違があったら中止
-			if(pc_cartitem_amount(sd,sd->vending[i].index,sd->vending[i].amount)<0 || sd->vending[i].value < 0) { // fixes by Valaris and fritz
-				clif_skill_fail(sd,MC_VENDING,0,0);
+			if(pc_cartitem_amount(sd, sd->vending[i].index, sd->vending[i].amount) < 0 || sd->vending[i].value < 0) { // fixes by Valaris and fritz
+				clif_skill_fail(sd, MC_VENDING, 0, 0);
 				return;
 			}
 		}
-		sd->vender_id=sd->bl.id;
-		sd->vend_num=i;
+		sd->vender_id = sd->bl.id;
+		sd->vend_num = i;
 		strcpy(sd->message,message);
-		if(clif_openvending(sd,sd->vender_id,sd->vending) > 0)
+		if (clif_openvending(sd,sd->vender_id,sd->vending) > 0)
 			clif_showvendingboard(&sd->bl,message,0);
 		else
-			sd->vender_id=0;
+			sd->vender_id = 0;
 	}
 }