From 5be55b1b14e0c2bbf2933da6401a2ff0bb6f13e2 Mon Sep 17 00:00:00 2001
From: Kelsi <kelsihates2fa@gmail.com>
Date: Fri, 13 Mar 2026 22:14:04 -0700
Subject: [PATCH] fix(combatlog): validate full TBC spell-go header

---
 src/game/packet_parsers_tbc.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/game/packet_parsers_tbc.cpp b/src/game/packet_parsers_tbc.cpp
index 935b34ae..83e2511c 100644
--- a/src/game/packet_parsers_tbc.cpp
+++ b/src/game/packet_parsers_tbc.cpp
@@ -1261,7 +1261,9 @@ bool TbcPacketParsers::parseSpellStart(network::Packet& packet, SpellStartData&
 // WotLK uses packed GUIDs and adds a timestamp (u32) after castFlags.
 // ============================================================================
 bool TbcPacketParsers::parseSpellGo(network::Packet& packet, SpellGoData& data) {
-    if (packet.getSize() - packet.getReadPos() < 19) return false;
+    // Fixed header before hit/miss lists:
+    // casterGuid(u64) + casterUnit(u64) + castCount(u8) + spellId(u32) + castFlags(u32)
+    if (packet.getSize() - packet.getReadPos() < 25) return false;
 
     data.casterGuid = packet.readUInt64();   // full GUID in TBC
     data.casterUnit = packet.readUInt64();   // full GUID in TBC