tehmarto

Hi, Very nice thread, I've done wall climb cheat detection. But I am wondering how offi detects if movement speed value been edited. I looked at persed sniffs that tom_rus posted and looks like it scans only offsets with start with 0x0 or 0x00. From this I see that it scans only static offset - movement speed offset is not static, when i scan with memory scanner, speed is located at different place always. So to find what address is speed located at through warden so I can scan that offset, I need to do the following: Send packet that scans the static offset - player base (0x00CD87A8 at 3.3.5a) Handle the response packet and send another offset check that is the "playerBase" offset response + 0x34 Handle the response packet again and send the value from response + 0x24 Handle again packet and send the response value + the movement speed offset And now I got the movement speed offset and check the movement speed value. From what I see offi got faster way to scan for speed hacks. Can anyone give me a hint how they do it? Thanks again.

But how it loads maiev.mod? I putted breakpoints on every loadlibrary and I didn't see it loading maiev.mod.

Seem to got it right after all except when I send the cheat checks that way: buffer_add_int8(buf, CHEAT_CHECKS); buffer_add_int8(buf, 0); buffer_add_int8(buf, warden_str->MEM_CHECK ^ warden_str->out_key[0]); buffer_add_int8(buf, 0); buffer_add_int32(buf, 0x00ADA378); buffer_add_int8(buf, 4); buffer_add_int8(buf, warden_str->out_key[0]); It responds the same value no matter what offset I send and after that it stops responding to my memory cheat checks.

That is very good idea about getting the rc4 keys from memory, but that way I would have to use only one module with sending the same seed in 0x05. Defenetly gonna try that. Anyways I find maiev.mod string in battle.net.dll but wow runs and responses to warden packets without battle.net.dll, and I deleted cache too. Anyone can tell me how to get maiev.mod? Thanks. I looked in wow.exe by searching for strings maiev.mod and also putted breakpoints on every loadlibrary functions and didn't see it loading maiev.mod or battle.net.dll.

I don't seem to find any maiev.mod. Is it removed on 3.3.5? Perhaps its replaced with scan.dll in wow folder, scan.dll does some cheat scanning too from what I see. Edit: Well now I see that scan.dll is not related to warden.

Hi, I'm back at this interesting code with more knowledge about this thing than i had last time . I am stuck at the 0x05 opcode and its response. Can someone please help me? How the client generates the hash? What is this module specific hash? How can I get it? I'm completely stuck at this 0x05 and 0x04 opcode. Thanks.

Did it print the error? In fact i looked at the code using AddSpellAuraHolder and didn't see anywhere adding aura in m_modAuras.

Revision is old yes. No custom patches related to this crash

Here some crash dumps related to this: http://pastebin.com/D5UUZb33 http://pastebin.com/bmrfmiYW http://pastebin.com/dJR1b4r6 http://pastebin.com/p3iZN4ts http://pastebin.com/B4kZnhXk This type of crashes have repeated many times. I don't think this crashes can be caused by something other than a invalid pointer into m_modAuras.

for(int i=0; i < MAX_EFFECT_INDEX; ++i) { if(holder->m_auras[i]) { AuraList const& auras = GetAurasByType(holder->m_auras[i]->GetModifier()->m_auraname); for(AuraList::const_iterator itr = auras.begin(); itr != auras.end(); ++itr) { if(holder->m_auras[i] == *itr) { sLog.outError("deleting aura witch otherwise would stay in auralist and cause crash later"); m_modAuras[(*itr)->GetModifier()->m_auraname].remove(*itr); itr = auras.begin(); } } } } This can be placed before delete holder; everywhere where in code is delete holder; to test if pointer in auralist when delete pointer.

Recently I seen many crashes where auras are get by GetAurasByType(type) and looping them after that cause segmental fault (access violation) crashes. I think reason for that is because, when delete holder it deletes its auras too, but invalid pointer to auras still stored in m_modAuras[]. For example here. bool Unit::AddSpellAuraHolder(SpellAuraHolder *holder) { SpellEntry const* aurSpellInfo = holder->GetSpellProto(); // ghost spell check, allow apply any auras at player loading in ghost mode (will be cleanup after load) if( !isAlive() && !IsDeathPersistentSpell(aurSpellInfo) && !IsDeathOnlySpell(aurSpellInfo) && (GetTypeId()!=TYPEID_PLAYER || !((Player*)this)->GetSession()->PlayerLoading()) ) { delete holder; return false; } Before delete holder, there should be: for(int i=0; i < MAX_EFFECT_INDEX; ++i) if(holder->m_auras[i]) m_modAuras[holder->m_auras[i]->GetModifier()->m_auraname].remove(*itr); And everywhere where we delete holder should happen the same. I don't know how to reproduce the crash actually so i can test it with and without this thing and thats the reason why i post it here, and not sure if it fixes something actually - that needs to be tested when put on a server with many people where it crash more often and see if the crashes with getAurasbyType loops stop. I have no place to test that now. Thanks.

in SpellMgr.cpp What bug does the patch fix? What features does the patch add? It fixes mistaken J with I. For which repository revision was the patch created? Should work with any. Who has been writing this patch? Please include either forum user names or email addresses. Me. @@ -298,11 +298,11 @@ bool IsNoStackAuraDueToAura(uint32 spellId_1, uint32 spellId_2) if(!spellInfo_1 || !spellInfo_2) return false; if(spellInfo_1->Id == spellId_2) return false; for (int32 i = 0; i < MAX_EFFECT_INDEX; ++i) { - for (int32 j = 0; i < MAX_EFFECT_INDEX; ++j) + for (int32 j = 0; j < MAX_EFFECT_INDEX; ++j) { if (spellInfo_1->Effect[i] == spellInfo_2->Effect[j] && spellInfo_1->EffectApplyAuraName[i] == spellInfo_2->EffectApplyAuraName[j] && spellInfo_1->EffectMiscValue[i] == spellInfo_2->EffectMiscValue[j] && spellInfo_1->EffectItemType[i] == spellInfo_2->EffectItemType[j])

What up, Well for now the best thing I come up against it is this diff --git a/src/game/Player.cpp b/src/game/Player.cpp index 8456e39..825a304 100644 --- a/src/game/Player.cpp +++ b/src/game/Player.cpp @@ -464,10 +469,12 @@ Player::Player (WorldSession *session): Unit(), m_achievementMgr(this), m_reputa // group is initialized in the reference constructor SetGroupInvite(NULL); m_groupUpdateMask = 0; m_auraUpdateMask = 0; + + GlobalCDEnd = 0; duel = NULL; m_GuildIdInvited = 0; m_ArenaTeamIdInvited = 0; @@ -18785,10 +18856,13 @@ void Player::AddSpellAndCategoryCooldowns(SpellEntry const* spellInfo, uint32 it cat = spellInfo->Category; rec = spellInfo->RecoveryTime; catrec = spellInfo->CategoryRecoveryTime; } + if(spellInfo->StartRecoveryTime) + SetGlobalCD(clock()+spellInfo->StartRecoveryTime); + time_t curTime = time(NULL); time_t catrecTime; time_t recTime; diff --git a/src/game/Player.h b/src/game/Player.h index 8456e39..825a304 100644 --- a/src/game/Player.h +++ b/src/game/Player.h @@ -1662,10 +1666,12 @@ class MANGOS_DLL_SPEC Player : public Unit PlayerSpellMap const& GetSpellMap() const { return m_spells; } PlayerSpellMap & GetSpellMap() { return m_spells; } SpellCooldowns const& GetSpellCooldownMap() const { return m_spellCooldowns; } + void SetGlobalCD(clock_t newCD) {GlobalCDEnd = newCD;} + bool HasGlobalCD() {return GlobalCDEnd > clock();} PlayerTalent const* GetKnownTalentById(int32 talentId) const; SpellEntry const* GetKnownTalentRankById(int32 talentId) const; void AddSpellMod(SpellModifier* mod, bool apply); @@ -2485,10 +2504,11 @@ class MANGOS_DLL_SPEC Player : public Unit PlayerMails m_mail; PlayerSpellMap m_spells; PlayerTalentMap m_talents[MAX_TALENT_SPEC_COUNT]; SpellCooldowns m_spellCooldowns; + clock_t GlobalCDEnd; uint32 m_lastPotionId; // last used health/mana potion in combat, that block next potion use uint8 m_activeSpec; uint8 m_specsCount; diff --git a/src/game/Spell.cpp b/src/game/Spell.cpp index c1723f7..1cf75b4 100644 --- a/src/game/Spell.cpp +++ b/src/game/Spell.cpp @@ -4221,10 +4277,14 @@ SpellCastResult Spell::CheckCast(bool strict) } else if(m_caster->HasAura(m_spellInfo->excludeCasterAuraSpell)) return SPELL_FAILED_CASTER_AURASTATE; } + if( m_caster->GetTypeId()==TYPEID_PLAYER && !m_triggeredByAuraSpell && m_spellInfo->StartRecoveryTime && + ((Player*)m_caster)->HasGlobalCD()) + return SPELL_FAILED_NOT_READY; + // cancel autorepeat spells if cast start when moving // (not wand currently autorepeat cast delayed to moving stop anyway in spell update code) if( m_caster->GetTypeId() == TYPEID_PLAYER && ((Player*)m_caster)->isMoving() ) { // skip stuck spell to allow use it in falling case and apply spell limitations at movement But, some spells have global cd and some don't, some spells are affected by global cd and some are not. Global cd are on client side only right now and that allow cheating. What I am wondering about is, how client decides what spells are affected by global cd and whitch are not affected, for example gift of the naaru don't put global cd but is affected by global cd and it has 0 on StartRecoveryTime. I didn't find an attribute that defines the spell to not be affected by the global cd. So anyone got idea how the client checks if it should put a global cd on a spell or not so we can make the same check on client-side to prevent cheating? Thanks.

diff --git a/src/game/SpellAuras.cpp b/src/game/SpellAuras.cpp index e71b630..b0d9908 100644 --- a/src/game/SpellAuras.cpp +++ b/src/game/SpellAuras.cpp @@ -4022,11 +4080,11 @@ void Aura::HandleModStealth(bool apply, bool Real) m_target->CastCustomSpell(m_target,31665,&bp,NULL,NULL,true); } // Overkill else if ((*i)->GetId() == 58426 && GetSpellProto()->SpellFamilyFlags & UI64LIT(0x0000000000400000)) { - m_target->RemoveAurasDueToSpell(58428); + (*i)->m_isPeriodic = false; m_target->CastSpell(m_target, 58427, true); } } } } @@ -4061,11 +4119,14 @@ void Aura::HandleModStealth(bool apply, bool Real) // Master of Subtlety if ((*i)->GetSpellProto()->SpellIconID == 2114) m_target->CastSpell(m_target, 31666, true); // Overkill else if ((*i)->GetId() == 58426 && GetSpellProto()->SpellFamilyFlags & UI64LIT(0x0000000000400000)) - m_target->CastSpell(m_target, 58428, true); + { + (*i)->m_periodicTimer = 20000; + (*i)->m_isPeriodic = true; + } } } } } @@ -7848,10 +8013,14 @@ void Aura::PeriodicDummyTick() case 0: m_target->CastSpell(m_target, 55731, true); break; case 1: m_target->CastSpell(m_target, 55738, true); break; case 2: m_target->CastSpell(m_target, 55739, true); break; } return; + case 58426: + m_target->RemoveAurasDueToSpell(58427); + m_isPeriodic = false; + return; // Exist more after, need add later default: break; } // Prey on the Weak Best way I can think of, but still i think it's hacky. Btw it not proc from vanish I think due to GetSpellProto()->SpellFamilyFlags & UI64LIT(0x0000000000400000) , Is this needed and should it proc from vanish?

What bug does the patch fix? What features does the patch add? When i debugged i saw spells to have SPELL_DIRECT_DAMAGE but not DIRECT_DAMAGE. So when i changed it spell deflection started working For which repository revision was the patch created? Works with 9842. Is there a thread in the bug report section or at lighthouse? If yes, please add a link to the thread. Don't find. Who has been writing this patch? Please include either forum user names or email addresses. Me. diff --git a/src/game/Unit.cpp b/src/game/Unit.cpp index f510fc0..6cced83 100644 --- a/src/game/Unit.cpp +++ b/src/game/Unit.cpp @@ -1931,11 +1934,11 @@ void Unit::CalculateAbsorbAndResist(Unit *pCaster, SpellSchoolMask schoolMask, D } // Spell Deflection if (spellProto->SpellIconID == 3006) { // You have a chance equal to your Parry chance - if (damagetype == DIRECT_DAMAGE && // Only for direct damage + if (damagetype == SPELL_DIRECT_DAMAGE && // Only for direct damage roll_chance_f(GetUnitParryChance())) // Roll chance RemainingDamage -= RemainingDamage * currentAbsorb / 100; continue; } // Reflective Shield (Lady Malande boss)

What bug does the patch fix? What features does the patch add? Fixes Butchery to restore runic power. For which repository revision was the patch created? Works with 9842. Is there a thread in the bug report section or at lighthouse? If yes, please add a link to the thread. Don't find any. Who has been writing this patch? Please include either forum user names or email addresses. Me. diff --git a/src/game/SpellAuras.cpp b/src/game/SpellAuras.cpp index e71b630..b0d9908 100644 --- a/src/game/SpellAuras.cpp +++ b/src/game/SpellAuras.cpp @@ -5309,11 +5441,13 @@ void Aura::HandleModPowerRegen(bool apply, bool Real) // drinking if(m_modifier.periodictime == 0) { // Anger Management (only spell use this aura for rage) if (pt == POWER_RAGE) m_modifier.periodictime = 3000; - else + else if(pt == POWER_RUNIC_POWER) + m_modifier.periodictime = 5000; + else m_modifier.periodictime = 2000; } m_periodicTimer = 5000; @@ -7555,10 +7713,13 @@ void Aura::PeriodicTick() // Anger Management // amount = 1+ 16 = 17 = 3,4*5 = 10,2*5/3 // so 17 is rounded amount for 5 sec tick grow ~ 1 range grow in 3 sec if(pt == POWER_RAGE) m_target->ModifyPower(pt, m_modifier.m_amount * 3 / 5); + // Butchery + else if(pt == POWER_RUNIC_POWER && m_target->isInCombat()) + m_target->ModifyPower(pt, m_modifier.m_amount); break; } // Here tick dummy auras case SPELL_AURA_DUMMY: // some spells have dummy aura case SPELL_AURA_PERIODIC_DUMMY:

What bug does the patch fix? What features does the patch add? As far as I know revitalize should restore 1% from max mana, not from base mana. For which repository revision was the patch created? Works with with 9842 . For which repository revision was the patch created? Is there a thread in the bug report section or at lighthouse? If yes, please add a link to the thread. Who has been writing this patch? Please include either forum user names or email addresses. Me. diff --git a/src/game/SpellEffects.cpp b/src/game/SpellEffects.cpp index c1723f7..1cf75b4 100644 --- a/src/game/SpellEffects.cpp +++ b/src/game/SpellEffects.cpp @@ -3413,15 +3449,17 @@ void Spell::EffectEnergize(SpellEffectIndex eff_idx) case 24532: // Burst of Energy level_diff = m_caster->getLevel() - 60; level_multiplier = 4; break; case 31930: // Judgements of the Wise - case 48542: // Revitalize (mana restore case) case 63375: // Improved Stormstrike case 68082: // Glyph of Seal of Command damage = damage * unitTarget->GetCreateMana() / 100; break; + case 48542: // Revitalize (mana restore case) + damage = damage * unitTarget->GetMaxPower(POWER_MANA) / 100; + break; default: break; } if (level_diff > 0)

What bug does the patch fix? What features does the patch add? When u make your jewelcrafting skill to 350 you can use gems of this type http://www.wowhead.com/item=42142 , but when you unlearn jc you can still use the item with this gem and u shouldn't be able to use the item and when u relog item should go into your mail. Same thing is for enchants from BS, enchanting, leatherworking and tailoring. For which repository revision was the patch created? Don't remember witch revision i made patch for but works with 9842. Is there a thread in the bug report section or at lighthouse? If yes, please add a link to the thread. Don't find any Who has been writing this patch? Please include either forum user names or email addresses. Me. diff --git a/src/game/DBCfmt.h b/src/game/DBCfmt.h index e71b630..b0d9908 100644 --- a/src/game/DBCfmt.h +++ b/src/game/DBCfmt.h @@ -88,11 +88,11 @@ const char SoundEntriesfmt[]="nxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; const char SpellCastTimefmt[]="nixx"; const char SpellDurationfmt[]="niii"; const char SpellDifficultyfmt[]="niiii"; const char SpellEntryfmt[]="niiiiiiiiiixixixiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiifxiiiiiiiiiiiiiiiiiiiiiiiiiiiifffiiiiiiiiiiiiiiiiiiiiifffiiiiiiiiiiiiiiifffiiiiiiiiiiiiixssssssssssssssssxssssssssssssssssxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxiiiiiiiiiiixfffxxxiiiiixxxxxxi"; const char SpellFocusObjectfmt[]="nxxxxxxxxxxxxxxxxx"; -const char SpellItemEnchantmentfmt[]="nxiiiiiixxxiiissssssssssssssssxiiiixxx"; +const char SpellItemEnchantmentfmt[]="nxiiiiiixxxiiissssssssssssssssxiiiiiix"; const char SpellItemEnchantmentConditionfmt[]="nbbbbbxxxxxbbbbbbbbbbiiiiiXXXXX"; const char SpellRadiusfmt[]="nfxf"; const char SpellRangefmt[]="nffffxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; const char SpellRuneCostfmt[]="niiii"; const char SpellShapeshiftfmt[]="nxxxxxxxxxxxxxxxxxxiixiiixxiiiiiiii"; diff --git a/src/game/DBCStructure.h b/src/game/DBCStructure.h index e71b630..b0d9908 100644 --- a/src/game/DBCStructure.h +++ b/src/game/DBCStructure.h @@ -1570,12 +1570,12 @@ struct SpellItemEnchantmentEntry //uint32 descriptionFlags; // 30 name flags uint32 aura_id; // 31 m_itemVisual uint32 slot; // 32 m_flags uint32 GemID; // 33 m_src_itemID uint32 EnchantmentCondition; // 34 m_condition_id - //uint32 requiredSkill; // 35 m_requiredSkillID - //uint32 requiredSkillValue; // 36 m_requiredSkillRank + uint32 requiredSkill; // 35 m_requiredSkillID + uint32 requiredSkillValue; // 36 m_requiredSkillRank // 37 new in 3.1 }; struct SpellItemEnchantmentConditionEntry { diff --git a/src/game/Player.cpp b/src/game/Player.cpp index c636f07..e45c09c 100644 --- a/src/game/Player.cpp +++ b/src/game/Player.cpp @@ -10283,10 +10290,23 @@ uint8 Player::CanEquipItem( uint8 slot, uint16 &dest, Item *pItem, bool swap, bo CanUnequipItem(uint16(INVENTORY_SLOT_BAG_0) << 8 | EQUIPMENT_SLOT_OFFHAND,false) != EQUIP_ERR_OK || CanStoreItem( NULL_BAG, NULL_SLOT, off_dest, offItem, false ) != EQUIP_ERR_OK )) return swap ? EQUIP_ERR_ITEMS_CANT_BE_SWAPPED : EQUIP_ERR_INVENTORY_FULL; } } + for(uint32 enchant_slot = PERM_ENCHANTMENT_SLOT; enchant_slot < MAX_ENCHANTMENT_SLOT; ++enchant_slot) + { + uint32 enchant_id = pItem->GetEnchantmentId(EnchantmentSlot(enchant_slot)); + if(!enchant_id) + continue; + + SpellItemEnchantmentEntry const* enchantEntry = sSpellItemEnchantmentStore.LookupEntry(enchant_id); + if(!enchantEntry) + continue; + + if(GetSkillValue(enchantEntry->requiredSkill) < enchantEntry->requiredSkillValue) + return EQUIP_ERR_CANT_EQUIP_SKILL; + } dest = ((INVENTORY_SLOT_BAG_0 << 8) | eslot); return EQUIP_ERR_OK; } } For gems required skill can be checked without including requiredSkil and requiredSkillValue but for enchants didn't find a way

Patch fixes the following exploit: Cast haunt on a mob (works with bosses too) and not hit the mob with other spells. Than walk around another mob (not hit that one too) when the haunt buff on the mob ends, the mob casts the healing spell on you so it can do the heal effect of haunt spell. After thats done, the second mob that don't have the haunt attacks the mob that was having the haunt and they fight each other. diff --git a/src/game/SpellAuras.cpp b/src/game/SpellAuras.cpp index e71b630..b0d9908 100644 --- a/src/game/SpellAuras.cpp +++ b/src/game/SpellAuras.cpp @@ -2721,11 +2765,11 @@ void Aura::HandleAuraDummy(bool apply, bool Real) else { int32 bp0 = m_modifier.m_amount; if (Unit* caster = GetCaster()) - m_target->CastCustomSpell(caster,48210,&bp0,NULL,NULL,true); + caster->CastCustomSpell(caster,48210,&bp0,NULL,NULL,true); } } break; } case SPELLFAMILY_PRIEST:

on trinity, if u cast any spell that has apply aura 58836 on npc it takes your name (no special implantation in trinity for that, its client side and i think it depends on the way u send SMSG_AURA_UPDATE). Name changing can be done in core but on mirror image it should do the following, when u mouse over the mirrors it should show in the mouseover window for example "level 80 human mage" witch in trinity its done with Clone Me spell. On trinity any spell u cast with aura 247 on a npc makes it show your class and race when u mouse over. I made the Clone Me and Name displaying thing with spell 57507 but i am sure it can be done with proper Clone me and initialize images spell. I used sendFakeAuraUpdate from a patch i saw for demonic circle. @@ -1022,10 +1021,14 @@ void Aura::_AddAura() if(slot < MAX_AURAS) // slot found send data to client { SetAura(false); SetAuraFlags((1 << GetEffIndex()) | AFLAG_NOT_CASTER | ((GetAuraMaxDuration() > 0) ? AFLAG_DURATION : AFLAG_NONE) | (IsPositive() ? AFLAG_POSITIVE : AFLAG_NEGATIVE)); SetAuraLevel(caster ? caster->getLevel() : sWorld.getConfig(CONFIG_MAX_PLAYER_LEVEL)); + if(GetId() == 57507) + { + SetAuraFlags((1 << GetEffIndex()) | ((GetAuraMaxDuration() > 0) ? AFLAG_DURATION : AFLAG_NONE) | (IsPositive() ? AFLAG_POSITIVE : AFLAG_NEGATIVE)); + } SendAuraUpdate(false); } //***************************************************** // Update target aura state flag (at 1 aura apply) @@ -1219,10 +1230,41 @@ bool Aura::_RemoveAura() } } return true; } +void Aura::SendFakeAuraUpdate(uint32 auraId, bool remove) +{ + WorldPacket data(SMSG_AURA_UPDATE); + data.append(m_target->GetPackGUID()); + data << uint8(64); + data << uint32(remove ? 0 : auraId); + + if(remove) + { + m_target->SendMessageToSet(&data, true); + return; + } + + uint8 auraFlags = GetAuraFlags(); + data << uint8(auraFlags); + data << uint8(GetAuraLevel()); + data << uint8(m_procCharges ? m_procCharges : m_stackAmount); + + if(!(auraFlags & AFLAG_NOT_CASTER)) + { + data << uint8(0); // pguid + } + + if(auraFlags & AFLAG_DURATION) + { + data << uint32(GetAuraMaxDuration()); + data << uint32(GetAuraDuration()); + } + + m_target->SendMessageToSet(&data, true); +} void Aura::SendAuraUpdate(bool remove) { WorldPacket data(SMSG_AURA_UPDATE); data.append(m_target->GetPackGUID()); @@ -1240,11 +1282,14 @@ void Aura::SendAuraUpdate(bool remove) data << uint8(GetAuraLevel()); data << uint8(m_procCharges ? m_procCharges*m_stackAmount : m_stackAmount); if(!(auraFlags & AFLAG_NOT_CASTER)) { - data << uint8(0); // pguid + if (Unit * caster = GetCaster()) + data.append(caster->GetPackGUID()); + else + data << uint8(0); // pguid } if(auraFlags & AFLAG_DURATION) { data << uint32(GetAuraMaxDuration()); And rest is only to do + SendFakeAuraUpdate(62388,false); u choose where to add "+ SendFakeAuraUpdate(62388,false);" , i added it in void Aura::HandleAuraInitializeImages(bool apply, bool Real) This code is only to change names and race and class display when u cast 57507. btw here is the changeset from trinity that fix mirror image http://bitbucket.org/KingPin/trinitycore2/changeset/aaf54c52f352/ . My way to change name is hacky but i think it can be done proper with change in the data sended with SMSG_AURA_UPDATE .

Well I guess our mistake was that we only wanted to fix a spell, didn't care if its hacky or not. Since there are many fixes we made i decided to post them in one topic so not waste time. Can u please review them in this mode? If u tell me i need to post them in normal way (a topic for each bug report) i can do it.

Patches are made and tested by DFteam and here they are http://filebeam.com/eac00e9c18807a7c6a5f5dcdc735da41 . We been making patches for a private project for a while now and decided it is time to share this patches. Fixes been tested on server with around 1500 testers and we didn't find any bugs or crashes caused by this fixes. Most of them are hacky but i think the following are not hacky and have a chance to get accepted: 14_vampiric_blood 16_hunger_for_blood 21_lifebloom_final_heal 22_sudden_doom - as far as i know it casts the last rank that the player has, so i made it that way 24_rend_and_tear_effect1 - but requires the AURA_STATE_BLEEDING aura state from hunger_for_blood patch 30_dash maybe? 39_quick_recovery - spell some time return double energy without this patch, one for the finishing move casted on target, and i don't know why but in action bar i see that it cast it on self too, so i guess it give energy for the one casted on self too. 46_improved_water_shield 51_the_beast_within 52_bladestorm - its only the immunity part 57_conflagrate - right now, if immolate ticks for 250 dmg, conflagrate does 1000 dmg, but if target has for example recklessness spell on him self, conflagrate does 1400 dmg instead of 1200, this happens because immolate does 20%, and if conflagrate takes bonus only from immolate it will do 1200 dmg, but it calculates the bonus from recklessness again and does 1400, all bonuses are calculated 2 times, for immolate and conflagrate, conflagrate should not take bonus from nothing, only from immolate dmg, 57_conflagrate fixes the bug 60_hex - it already fixed here http://github.com/mangos/mangos/commit/9e10c27b2a4d060e6efd8ee49fdf0c2be69b9556 but a friend that plays in offi, told me that it should remove after the target took total 5k dmg, so i made it that way, it aint gonna work without the one part for hex in 1_DBCStores, but m_amount can be set to 5000 at apply without the part in 1_DBCStores and should work 62_shadow_word_death - right now if u test on an ungeared priest it will do the same dmg to the priest as it do to the target, but if you put gear on your priest u will see that dmg done to the target is different than tha one done to the priest, because the one done to the priest don't take bonus from spell power. Patch fixes this. And i guess some of the sql fixes. More info about the patches: Some of the patches require the 1_DBCStores.diff to be applied to work. For example the second aura applied from Primal Precision spell is Add % Modifier and it don't work. I change the value loaded from content (trinity do it too ) , i make it proc trigger spell in 1_DBCStores.diff, implant it the same way as quick recovery, and it work. Changed also blood presence to proc trigger spell so it can work too. Any case: there been added so it change the value loaded from dbc, and any case: there fixes something, i need to start adding more comments to patches.

I think it's the opcode, for example u send SMSG_CONTACT_LIST, and client responds with CMSG_CONTACT_LIST, but when u send SMSG_WARDEN_DATA it don't responds cuz client dont have the module?

Last few days i was trying to implant this warden code into mangos, had some hard time clearing out the compilation errors, hardest error to clear was the linking error, took me a lot of time to find out that i should remove #define ZLIB_DLL from module.h other errors were more easy to remove, i may have implanted it not correctly and that causes the errors. So i finally start the server but it crashes instantly as someone try to log in i attach the debugger and looks like it crashes somewhere around: instance->module = memalloc(ctx->modules->size); Guess because ctx->modules->size is not initialized but used? Prints size: 0 every time. Its really the last time i try to implant someone else code into mangos. Anyone else have tried to do it?

ok so i guess the: ((MangosSendPacket)ctx->sendpacket)(ctx->session, pdata, size); should be replaced by WorldPacket data(SMSG_WARDEN_DATA, size); data << ctx->sendpacket; data << pdata; SendPacket(&data); am i right? maybe somewhere should be the ctx->session too?