fix(gacha): prevent panics from misconfigured gacha entries (#175)

getRandomEntries panics with rand.Intn(0) when box gacha has more rolls than available entries. Fix by clamping rolls, guarding empty entries and zero-weight pools, and fixing an out-of-bounds slice in the receive handler overflow path.
2026-03-28 10:32:55 +01:00 · 2026-03-10 11:19:22 +01:00
parent eaac12fac5
commit 915e9bc0b0
3 changed files with 61 additions and 5 deletions
--- a/server/channelserver/handlers_gacha.go
+++ b/server/channelserver/handlers_gacha.go
@@ -88,8 +88,10 @@ func handleMsgMhfReceiveGachaItem(s *Session, p mhfpacket.MHFPacket) {
 		data = []byte{0x00}
 	}

-	// I think there are still some edge cases where rewards can be nulled via overflow
-	if data[0] > 36 || len(data) > 181 {
+	// Handle overflow: the client can only display 36 items (36 * 5 + 1 count byte = 181 bytes).
+	// If there are more, send the first 36 and keep the rest for next time.
+	isOverflow := len(data) > 181 && data[0] > 36
+	if isOverflow {
 		resp := byteframe.NewByteFrame()
 		resp.WriteUint8(36)
 		resp.WriteBytes(data[1:181])
@@ -99,7 +101,7 @@ func handleMsgMhfReceiveGachaItem(s *Session, p mhfpacket.MHFPacket) {
 	}

 	if !pkt.Freeze {
-		if data[0] > 36 || len(data) > 181 {
+		if isOverflow {
 			update := byteframe.NewByteFrame()
 			update.WriteUint8(uint8(len(data[181:]) / 5))
 			update.WriteBytes(data[181:])