Originally posted by [b]theultramage[/b]
http://www.eathena.ws/board/index.php?autocom=bugtracker&showbug=12
Short summary:
There is a missing check in clif_parse_partychangeoption() which lets anyone modify party settings.
Also, I have some inquiries / ideas about setting the party settings this way. Read below for details.
I've found a minor 'bug' while reading one forum. The fact is, you are able to send a party option change packet and the server will not check whether you are a leader or not. I can't imagine how it could be used to exploit anything, other than being a poor man's version of @changeleader.
And by the way, as I was checking it...
ea's version
CODE
void clif_parse_PartyChangeOption(int fd, struct map_session_data *sd)
{
struct party_data *p;
RFIFOHEAD(fd);
if(!sd->status.party_id)
return;
p = party_search(sd->status.party_id);
if (!p) return;
//The client no longer can change the item-field, therefore it always
//comes as zero. Here, resend the item data as it is.
// party_changeoption(sd, RFIFOW(fd,2), RFIFOW(fd,4));
party_changeoption(sd, RFIFOW(fd,2), p->party.item);
}
ja's / freya's / eapp's vesion
CODE
void clif_parse_PartyChangeOption(int fd, struct map_session_data *sd) {
party_changeoption(sd, RFIFOW(fd,2), RFIFOW(fd,4));
}
Now what is this supposed to be? It was added in
r7737. Either that's wrong and ja/freya/eapp will reset item share back to 0 each time you change exp share settings (rather unlikely, don't you think?), or they are skipping the change somewhere else (maybe on the charserver). Or it's wrong. Didn't feel like checking out such details.
(original topic can be found
here)