From 59ec28a5a4bfabf054c0eeb7f288aff52ce793fe Mon Sep 17 00:00:00 2001 From: NinjaOfLU Date: Wed, 13 Apr 2022 01:58:00 +0100 Subject: [PATCH] Prevent integer underflow in item removal Previously, the only check that the user wasn't trashing more items than they had was clientsided, and this could be bypassed by contacting the server to remove items via a console or the like, and then trashing them before the server could respond, resulting in the count for the items being less than iStackCount. This check prevents that underflow. --- dGame/dGameMessages/GameMessages.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dGame/dGameMessages/GameMessages.cpp b/dGame/dGameMessages/GameMessages.cpp index 1ede443b..35e1a13c 100644 --- a/dGame/dGameMessages/GameMessages.cpp +++ b/dGame/dGameMessages/GameMessages.cpp @@ -5441,7 +5441,7 @@ void GameMessages::HandleRemoveItemFromInventory(RakNet::BitStream* inStream, En } } - item->SetCount(item->GetCount() - iStackCount, true); + item->SetCount(item->GetCount() - std::min(item->GetCount(), iStackCount), true); EntityManager::Instance()->SerializeEntity(entity); auto* missionComponent = entity->GetComponent();