Sophie

Sophie

distrib > Mandriva > 2007.1 > x86_64 > by-pkgid > 4ac73489b9ec6b1b8b630949a91045aa > files > 3

netpanzer-0.8-2mdv2007.0.src.rpm

--- netpanzer-0.8/src/NetPanzer/Classes/Network/ServerConnectDaemon.cpp.CVE-2006-2575	2004-11-09 12:30:29.000000000 +0100
+++ netpanzer-0.8/src/NetPanzer/Classes/Network/ServerConnectDaemon.cpp	2006-06-06 20:08:27.000000000 +0200
@@ -35,6 +35,7 @@
 #include "SystemNetMessage.hpp"
 
 #include "ConsoleInterface.hpp"
+#include "SelectionBoxSprite.hpp"
 #include "Util/Log.hpp"
 
 enum { _connect_state_idle,
@@ -330,7 +331,13 @@
             client_setting = (ConnectClientSettings *) message;
             connect_player_state->setName( client_setting->player_name );
             connect_player_state->unit_config.setUnitColor( client_setting->unit_color );
-            connect_player_state->setFlag( client_setting->getPlayerFlag() );
+            if ( (client_setting->getPlayerFlag() < 0) ||
+                 (client_setting->getPlayerFlag() >= UNIT_FLAGS_SURFACE.getFrameCount()) )
+                /* FIXME we realy should send an error to the client here, but
+                   AFAIK there is no room in the current protocol for this */
+                connect_player_state->setFlag( 0 );
+            else
+                connect_player_state->setFlag( client_setting->getPlayerFlag() );
 
             connect_player_state->setID( connect_player_id.getNetworkID() );
             connect_player_state->setStatus( _player_state_connecting );

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional