From 93d7b5a92e9795bb977bd01603290e3acc73329d Mon Sep 17 00:00:00 2001 From: lare96 Date: Sun, 23 Feb 2014 01:06:23 -0500 Subject: [PATCH 1/2] Update LoginDecoder.java. --- src/org/apollo/net/codec/login/LoginDecoder.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/org/apollo/net/codec/login/LoginDecoder.java b/src/org/apollo/net/codec/login/LoginDecoder.java index 71bc853b..f49a8da4 100644 --- a/src/org/apollo/net/codec/login/LoginDecoder.java +++ b/src/org/apollo/net/codec/login/LoginDecoder.java @@ -182,6 +182,10 @@ public final class LoginDecoder extends StatefulFrameDecoder if (username.length() > 12 || password.length() > 20) { throw new Exception("Username or password too long."); } + + if (username.equals("") || password.equals("")) { + throw new Exception("Invalid username or password."); + } int[] seed = new int[4]; seed[0] = (int) (clientSeed >> 32); @@ -209,4 +213,4 @@ public final class LoginDecoder extends StatefulFrameDecoder } } -} \ No newline at end of file +} From e9669d7e90c9eb48214fa31c66fb437cadab3fa9 Mon Sep 17 00:00:00 2001 From: lare96 Date: Sun, 23 Feb 2014 03:01:59 -0500 Subject: [PATCH 2/2] Update LoginDecoder.java. --- src/org/apollo/net/codec/login/LoginDecoder.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/org/apollo/net/codec/login/LoginDecoder.java b/src/org/apollo/net/codec/login/LoginDecoder.java index f49a8da4..1e87d17c 100644 --- a/src/org/apollo/net/codec/login/LoginDecoder.java +++ b/src/org/apollo/net/codec/login/LoginDecoder.java @@ -179,11 +179,11 @@ public final class LoginDecoder extends StatefulFrameDecoder String username = BufferUtil.readString(securePayload); String password = BufferUtil.readString(securePayload); - if (username.length() > 12 || password.length() > 20) { - throw new Exception("Username or password too long."); + if (!(username.length() < 13 || password.length() > 5 && password.length() < 21)) { + throw new Exception("Invalid username or password length."); } - if (username.equals("") || password.equals("")) { + if (username.isEmpty() || password.isEmpty()) { throw new Exception("Invalid username or password."); }