phaneron/Kelsidavis-WoWee
1
0
Fork 0
mirror of https://github.com/Kelsidavis/WoWee.git synced 2026-04-25 13:03:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix(combatlog): enforce TBC spell damage/heal packet bounds

Browse source
This commit is contained in:
Kelsi 2026-03-14 13:59:07 -07:00
parent 6ccfdc9d11
commit c9467778dc
1 changed files with 31 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

20
src/game/packet_parsers_tbc.cpp
View file

@ -1436,8 +1436,15 @@ bool TbcPacketParsers::parseAttackerStateUpdate(network::Packet& packet, Attacke
// TBC uses full uint64 GUIDs; WotLK uses packed GUIDs.
// ============================================================================
bool TbcPacketParsers::parseSpellDamageLog(network::Packet& packet, SpellDamageLogData& data) {
if (packet.getSize() - packet.getReadPos() < 29) return false;
// Fixed TBC payload size:
// targetGuid(8) + attackerGuid(8) + spellId(4) + damage(4) + schoolMask(1)
// + absorbed(4) + resisted(4) + periodicLog(1) + unused(1) + blocked(4) + flags(4)
// = 43 bytes
if (packet.getSize() - packet.getReadPos() < 43) return false;
data = SpellDamageLogData{};
const size_t startPos = packet.getReadPos();
data.targetGuid = packet.readUInt64(); // full GUID in TBC
data.attackerGuid = packet.readUInt64(); // full GUID in TBC
data.spellId = packet.readUInt32();
@ -1456,6 +1463,11 @@ bool TbcPacketParsers::parseSpellDamageLog(network::Packet& packet, SpellDamageL
// TBC does not have an overkill field here
data.overkill = 0;
if (packet.getReadPos() - startPos != 43) {
packet.setReadPos(startPos);
return false;
}
LOG_DEBUG("[TBC] Spell damage: spellId=", data.spellId, " dmg=", data.damage,
data.isCrit ? " CRIT" : "");
return true;
@ -1467,7 +1479,11 @@ bool TbcPacketParsers::parseSpellDamageLog(network::Packet& packet, SpellDamageL
// TBC uses full uint64 GUIDs; WotLK uses packed GUIDs.
// ============================================================================
bool TbcPacketParsers::parseSpellHealLog(network::Packet& packet, SpellHealLogData& data) {
if (packet.getSize() - packet.getReadPos() < 25) return false;
// Fixed payload is 28 bytes; many cores append crit flag (1 byte).
// targetGuid(8) + casterGuid(8) + spellId(4) + heal(4) + overheal(4)
if (packet.getSize() - packet.getReadPos() < 28) return false;
data = SpellHealLogData{};
data.targetGuid = packet.readUInt64(); // full GUID in TBC
data.casterGuid = packet.readUInt64(); // full GUID in TBC