From 90bc9118f989479e9d3b3babe5ceca36b40f9867 Mon Sep 17 00:00:00 2001
From: Kelsi <kelsihates2fa@gmail.com>
Date: Sat, 14 Mar 2026 14:13:39 -0700
Subject: [PATCH] fix(combatlog): validate packed GUID bounds in spell energize
 log

---
 src/game/game_handler.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/game/game_handler.cpp b/src/game/game_handler.cpp
index c7c69c26..f629002c 100644
--- a/src/game/game_handler.cpp
+++ b/src/game/game_handler.cpp
@@ -4126,11 +4126,13 @@ void GameHandler::handlePacket(network::Packet& packet) {
                     return (packet.getSize() - packet.getReadPos() >= 8) ? packet.readUInt64() : 0;
                 return UpdateObjectParser::readPackedGuid(packet);
             };
-            if (packet.getSize() - packet.getReadPos() < (energizeTbc ? 8u : 1u)) {
+            if (packet.getSize() - packet.getReadPos() < (energizeTbc ? 8u : 1u)
+                || (!energizeTbc && !hasFullPackedGuid(packet))) {
                 packet.setReadPos(packet.getSize()); break;
             }
             uint64_t victimGuid = readEnergizeGuid();
-            if (packet.getSize() - packet.getReadPos() < (energizeTbc ? 8u : 1u)) {
+            if (packet.getSize() - packet.getReadPos() < (energizeTbc ? 8u : 1u)
+                || (!energizeTbc && !hasFullPackedGuid(packet))) {
                 packet.setReadPos(packet.getSize()); break;
             }
             uint64_t casterGuid = readEnergizeGuid();