Auth: Add safeguard against too high pin count

cmangos · Oct 20, 2024 · 9d29b59 · 9d29b59
1 parent 5625410
commit 9d29b59
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/realmd/AuthSocket.cpp b/src/realmd/AuthSocket.cpp
@@ -583,7 +583,7 @@ bool AuthSocket::_HandleLogonProof()
                 std::shared_ptr<uint8> pinCount = std::make_shared<uint8>();
                 self->Read((char*)pinCount.get(), sizeof(uint8), [self, pinCount, lp](const boost::system::error_code& error, std::size_t read)
                 {
-                    if (error)
+                    if (error || *pinCount > 16)
                     {
                         self->Write(logonProofUnknownAccountPinInvalid, sizeof(logonProofUnknownAccountPinInvalid), [self](const boost::system::error_code& error, std::size_t read) { self->Close();});
                         return;