fix(render): code quality cleanup

Magic number elimination: - Create protocol_constants.hpp, warden_constants.hpp, render_constants.hpp, ui_constants.hpp - Replace ~55 magic numbers across game_handler, warden_handler, m2_renderer_render Reduce nesting depth: - Extract 5 parseEffect* methods from handleSpellLogExecute (max indent 52 → 16 cols) - Extract resolveSpellSchool/playSpellCastSound/playSpellImpactSound from 3× duplicate audio blocks in handleSpellGo - Flatten SMSG_INVENTORY_CHANGE_FAILURE with early-return guards - Extract drawScreenEdgeVignette() for 3 duplicate vignette blocks DRY extract patterns: - Replace 12 compound expansion checks with isPreWotlk() across movement_handler (9), chat_handler (1), social_handler (1) const to constexpr: - Promote 23+ static const arrays/scalars to static constexpr across 12 source files Error handling: - Convert PIN auth from exceptions to std::optional<PinProof> - Add [[nodiscard]] to 15+ initialize/parse methods - Wrap ~20 unchecked initialize() calls with LOG_WARNING/LOG_ERROR Signed-off-by: Pavel Okhlopkov <pavel.okhlopkov@flant.com>
2026-05-06 17:13:51 +00:00 · 2026-04-06 22:43:13 +03:00 · 2026-04-06 22:43:13 +03:00 · 97106bd6ae
commit 97106bd6ae
parent 2e8856bacd
41 changed files with 849 additions and 424 deletions
--- a/src/auth/auth_handler.cpp
+++ b/src/auth/auth_handler.cpp
@ -265,16 +265,15 @@ void AuthHandler::sendLogonProof() {
    const std::array<uint8_t, 20>* crcHashPtr = nullptr;

    if (securityFlags_ & kSecurityFlagPin) {
-        try {
-            PinProof proof = computePinProof(pendingSecurityCode_, pinGridSeed_, pinServerSalt_);
-            pinClientSalt = proof.clientSalt;
-            pinHash = proof.hash;
-            pinClientSaltPtr = &pinClientSalt;
-            pinHashPtr = &pinHash;
-        } catch (const std::exception& e) {
-            fail(std::string("PIN required but invalid: ") + e.what());
+        auto proof = computePinProof(pendingSecurityCode_, pinGridSeed_, pinServerSalt_);
+        if (!proof) {
+            fail("PIN required but invalid input");
            return;
        }
+        pinClientSalt = proof->clientSalt;
+        pinHash = proof->hash;
+        pinClientSaltPtr = &pinClientSalt;
+        pinHashPtr = &pinHash;
    }

    // Legacy client integrity hash (aka "CRC hash"). Some servers enforce this for classic builds.
--- a/src/auth/pin_auth.cpp
+++ b/src/auth/pin_auth.cpp
@ -1,8 +1,9 @@
 #include "auth/pin_auth.hpp"
 #include "auth/crypto.hpp"
+#include "core/logger.hpp"
 #include <algorithm>
+#include <optional>
 #include <random>
-#include <stdexcept>
 #include <vector>

 namespace wowee {
@ -46,7 +47,7 @@ static std::array<uint8_t, 10> remapPinGrid(uint32_t seed) {
    return remapped;
 }

-static std::vector<uint8_t> randomizePinDigits(const std::string& pinDigits,
+static std::optional<std::vector<uint8_t>> randomizePinDigits(const std::string& pinDigits,
                                               const std::array<uint8_t, 10>& remapped) {
    // Transforms each pin digit into an index in the remapped permutation.
    // Based on:
@ -61,7 +62,8 @@ static std::vector<uint8_t> randomizePinDigits(const std::string& pinDigits,
            if (remapped[j] == d) { idx = j; break; }
        }
        if (idx == 0xFF) {
-            throw std::runtime_error("PIN digit not found in remapped grid");
+            LOG_ERROR("PIN digit not found in remapped grid");
+            return std::nullopt;
        }
        // PIN grid encodes each digit as its ASCII character ('0'..'9') for the
        // server-side HMAC computation — this matches Blizzard's auth protocol.
@ -71,25 +73,28 @@ static std::vector<uint8_t> randomizePinDigits(const std::string& pinDigits,
    return out;
 }

-PinProof computePinProof(const std::string& pinDigits,
+std::optional<PinProof> computePinProof(const std::string& pinDigits,
                         uint32_t pinGridSeed,
                         const std::array<uint8_t, 16>& serverSalt) {
    if (pinDigits.size() < 4 || pinDigits.size() > 10) {
-        throw std::runtime_error("PIN must be 4-10 digits");
+        LOG_ERROR("PIN must be 4-10 digits, got ", pinDigits.size());
+        return std::nullopt;
    }
    if (!std::all_of(pinDigits.begin(), pinDigits.end(),
                     [](unsigned char c) { return c >= '0' && c <= '9'; })) {
-        throw std::runtime_error("PIN must contain only digits");
+        LOG_ERROR("PIN must contain only digits");
+        return std::nullopt;
    }

    const auto remapped = remapPinGrid(pinGridSeed);
    const auto randomizedAsciiDigits = randomizePinDigits(pinDigits, remapped);
+    if (!randomizedAsciiDigits) return std::nullopt;

    // server_hash = SHA1(server_salt || randomized_pin_ascii)
    std::vector<uint8_t> serverHashInput;
-    serverHashInput.reserve(serverSalt.size() + randomizedAsciiDigits.size());
+    serverHashInput.reserve(serverSalt.size() + randomizedAsciiDigits->size());
    serverHashInput.insert(serverHashInput.end(), serverSalt.begin(), serverSalt.end());
-    serverHashInput.insert(serverHashInput.end(), randomizedAsciiDigits.begin(), randomizedAsciiDigits.end());
+    serverHashInput.insert(serverHashInput.end(), randomizedAsciiDigits->begin(), randomizedAsciiDigits->end());
    const auto serverHash = Crypto::sha1(serverHashInput); // 20 bytes

    PinProof proof;