A banned player could still enter the game using a login key (stored in cache until the db is restarted). This exploit could also cause game authentication crashes with invalid keys, leading to permanent damage.
Implementation:
📂 File Location: ‘game -> cmd_gm.cpp’
🔍 Search:
ACMD(do_disconnect)
DESC_MANAGER::instance().DestroyDesc(d);
➕ Add:
DESC_MANAGER::instance().DestroyLoginKey(d); //fix martysama loginkey
📂 File Location: ‘game ->desc.cpp’
🔍 Search:
EVENTFUNC(ping_event)
if (!desc->IsPong())
{
sys_log(0, "PING_EVENT: no pong %s", desc->GetHostName());
➕ Add below:
DESC_MANAGER::instance().DestroyLoginKey(desc); //fix martysama loginkey
📂 File Location: ‘game ->desc_manager.cpp’
🔍 Search:
void DESC_MANAGER::DisconnectAccount(const std::string& login)
{
dev_log(LOG_DEB0, "BBBB DisConnectAccount(%s)", login.c_str());
m_map_loginName.erase(login);
}
➕ Add below:
//fix martysama loginkey
void DESC_MANAGER::DestroyLoginKey(const std::string& msg) const
{
if (msg.empty())
return;
TPacketDC p{};
strlcpy(p.login, msg.data(), sizeof(p.login));
db_clientdesc->DBPacket(HEADER_GD_DC, 0, &p, sizeof(p));
}
void DESC_MANAGER::DestroyLoginKey(const LPDESC d) const
{
if (!d)
return;
DestroyLoginKey(d->GetAccountTable().login);
}
📂 File Location: ‘game ->desc_manager.h’
🔍 Search:
LPDESC AcceptDesc(LPFDWATCH fdw, socket_t s);
LPDESC AcceptP2PDesc(LPFDWATCH fdw, socket_t s);
➕ Add below:
//fix martysama loginkey
void DestroyLoginKey(const std::string& msg) const;
void DestroyLoginKey(const LPDESC d) const;
📂 File Location: ‘game ->input.cpp’
🔍 Search:
// delete login key
{
TPacketDC p;
strlcpy(p.login, msg.c_str(), sizeof(p.login));
db_clientdesc->DBPacket(HEADER_GD_DC, 0, &p, sizeof(p));
➕ Add below:
DESC_MANAGER::instance().DestroyLoginKey(msg); //fix martysama loginkey