From 661c66818ba37161c4626e0b5026fd6fe30a89a8 Mon Sep 17 00:00:00 2001
From: in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>
Date: Sat, 12 Feb 2005 10:29:10 +0000
Subject: check if uid is in range in deumoney(). or damage SHM. this checking
 should be done in upper layer or users could not get the error messages. so
 mark as TODO.

git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@2499 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
---
 mbbsd/admin.c | 2 +-
 mbbsd/bbs.c   | 4 ++--
 mbbsd/cache.c | 5 +++++
 mbbsd/cal.c   | 2 +-
 4 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/mbbsd/admin.c b/mbbsd/admin.c
index f2c6271b..78a0c945 100644
--- a/mbbsd/admin.c
+++ b/mbbsd/admin.c
@@ -1343,7 +1343,7 @@ give_id_money(char *user_id, int money, FILE * log_fp, char *mail_title, time4_t
 {
     char            tt[TTLEN + 1] = {0};
 
-    if (deumoney(searchuser(user_id), money) < 0) { // FIXME if searchuser() return 0
+    if (deumoney(searchuser(user_id), money) < 0) { // TODO if searchuser() return 0
 	move(12, 0);
 	clrtoeol();
 	prints("id:%s money:%d 不對吧!!", user_id, money);
diff --git a/mbbsd/bbs.c b/mbbsd/bbs.c
index dab735e2..b99b7d0d 100644
--- a/mbbsd/bbs.c
+++ b/mbbsd/bbs.c
@@ -2322,7 +2322,7 @@ good_post(int ent, fileheader_t * fhdr, char *direct)
 	fhdr->filemode = (fhdr->filemode & ~FILE_DIGEST);
 	if (!strcmp(currboard, "Note") || !strcmp(currboard, "PttBug") ||
 	    !strcmp(currboard, "Artdsn") || !strcmp(currboard, "PttLaw")) {
-	    deumoney(searchuser(fhdr->owner), -1000); // FIXME if searchuser() return 0
+	    deumoney(searchuser(fhdr->owner), -1000); // TODO if searchuser() return 0
 	    if (!(currmode & MODE_SELECT))
 		fhdr->multi.money -= 1000;
 	    else
@@ -2361,7 +2361,7 @@ good_post(int ent, fileheader_t * fhdr, char *direct)
 	fhdr->filemode = (fhdr->filemode & ~FILE_MARKED) | FILE_DIGEST;
 	if (!strcmp(currboard, "Note") || !strcmp(currboard, "PttBug") ||
 	    !strcmp(currboard, "Artdsn") || !strcmp(currboard, "PttLaw")) {
-	    deumoney(searchuser(fhdr->owner), 1000); // FIXME if searchuser() return 0
+	    deumoney(searchuser(fhdr->owner), 1000); // TODO if searchuser() return 0
 	    if (!(currmode & MODE_SELECT))
 		fhdr->multi.money += 1000;
 	    else
diff --git a/mbbsd/cache.c b/mbbsd/cache.c
index 3f989885..a8e13ce0 100644
--- a/mbbsd/cache.c
+++ b/mbbsd/cache.c
@@ -447,6 +447,11 @@ setumoney(int uid, int money)
 int
 deumoney(int uid, int money)
 {
+    if (uid <= 0 || uid > MAX_USERS){
+	vmsg("internal error");
+	return -1;
+    }
+
     if (money < 0 && moneyof(uid) < -money)
 	return setumoney(uid, 0);
     else
diff --git a/mbbsd/cal.c b/mbbsd/cal.c
index 34eb3ea7..0e2a48c0 100644
--- a/mbbsd/cal.c
+++ b/mbbsd/cal.c
@@ -374,7 +374,7 @@ p_give()
 	tax = give_tax(money);
 	if (money - tax <= 0)
 	    return 0;		/* 繳完稅就沒錢給了 */
-	deumoney(searchuser(id), money - tax); // FIXME if searchuser(id) return 0
+	deumoney(searchuser(id), money - tax); // TODO if searchuser(id) return 0
 	demoney(-money);
 	log_file(FN_MONEY, LOG_CREAT | LOG_VF, "%s\t給%s\t%d\t%s",
                  cuser.userid, id, money - tax, ctime4(&now));
-- 
cgit v1.2.3