From 4155ca30df52d4d05ddd529c8320951f85b74e75 Mon Sep 17 00:00:00 2001
From: iAmir <hhm6@yahoo.com>
Date: Sat, 9 Dec 2023 03:48:36 +0330
Subject: [PATCH 1/4] weapon id validation in passenger, vehicle, onfoot syncs

---
 Server/Source/player_pool.hpp | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/Server/Source/player_pool.hpp b/Server/Source/player_pool.hpp
index 2cecaf5a0..14b47c52a 100644
--- a/Server/Source/player_pool.hpp
+++ b/Server/Source/player_pool.hpp
@@ -657,6 +657,12 @@ struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public
 
 			Player& player = static_cast<Player&>(peer);
 
+			uint8_t slot = WeaponSlotData(footSync.Weapon).slot();
+			if (slot == INVALID_WEAPON_SLOT)
+			{
+				return false;
+			}
+
 			footSync.PlayerID = player.poolID;
 			footSync.Rotation *= player.rotTransform_;
 
@@ -1091,6 +1097,13 @@ struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public
 			{
 				return false;
 			}
+
+			uint8_t slot = WeaponSlotData(vehicleSync.WeaponID).slot();
+			if (slot == INVALID_WEAPON_SLOT)
+			{
+				return false;
+			}
+
 			IVehicle& vehicle = *vehiclePtr;
 			Player& player = static_cast<Player&>(peer);
 			player.pos_ = vehicleSync.Position;
@@ -1335,9 +1348,16 @@ struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public
 			{
 				return false;
 			}
-			IVehicle& vehicle = *vehiclePtr;
 
+			uint8_t slot = WeaponSlotData(passengerSync.WeaponID).slot();
+			if (slot == INVALID_WEAPON_SLOT)
+			{
+				return false;
+			}
+
+			IVehicle& vehicle = *vehiclePtr;
 			Player& player = static_cast<Player&>(peer);
+
 			if (vehicle.isRespawning())
 				return false;
 

From 9d3ead68356feb5cdc8fffdcc87b617515d4d1b0 Mon Sep 17 00:00:00 2001
From: iAmir <hhm6@yahoo.com>
Date: Sat, 9 Dec 2023 06:28:53 +0330
Subject: [PATCH 2/4] weapon validity check for OnPlayer(Give/Take)Damage

---
 Server/Source/player_pool.hpp | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/Server/Source/player_pool.hpp b/Server/Source/player_pool.hpp
index 14b47c52a..28f18df5b 100644
--- a/Server/Source/player_pool.hpp
+++ b/Server/Source/player_pool.hpp
@@ -213,7 +213,17 @@ struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public
 					{
 						return false;
 					}
-					if (!from->areWeaponsAllowed() && 0 < onPlayerGiveTakeDamageRPC.WeaponID && onPlayerGiveTakeDamageRPC.WeaponID <= 47)
+
+					auto slot = WeaponSlotData(onPlayerGiveTakeDamageRPC.WeaponID).slot();
+					if (slot == INVALID_WEAPON_SLOT)
+					{
+						if (onPlayerGiveTakeDamageRPC.WeaponID < 49 || onPlayerGiveTakeDamageRPC.WeaponID > 54)
+						{
+							return false;
+						}
+					}
+
+					if (!from->areWeaponsAllowed() && 0 < onPlayerGiveTakeDamageRPC.WeaponID && onPlayerGiveTakeDamageRPC.WeaponID <= 54)
 					{
 						// They were shooting and shouldn't be.
 						return false;
@@ -247,7 +257,14 @@ struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public
 				{
 					return false;
 				}
-				if (!peer.areWeaponsAllowed() && 0 < onPlayerGiveTakeDamageRPC.WeaponID && onPlayerGiveTakeDamageRPC.WeaponID <= 47)
+
+				auto slot = WeaponSlotData(onPlayerGiveTakeDamageRPC.WeaponID).slot();
+				if (slot == INVALID_WEAPON_SLOT)
+				{
+					return false;
+				}
+
+				if (!peer.areWeaponsAllowed() && (0 < onPlayerGiveTakeDamageRPC.WeaponID && onPlayerGiveTakeDamageRPC.WeaponID <= 46))
 				{
 					// They were shooting and shouldn't be.
 					return false;

From c158272dba1fd2f3a99160e3c1e1e5e8fcb22c87 Mon Sep 17 00:00:00 2001
From: iAmir <hhm6@yahoo.com>
Date: Sat, 9 Dec 2023 06:29:25 +0330
Subject: [PATCH 3/4] weapon validity check for OnPlayerGiveDamageActor

---
 Server/Components/Actors/actors_main.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/Server/Components/Actors/actors_main.cpp b/Server/Components/Actors/actors_main.cpp
index abf0b8b9e..0d4045415 100644
--- a/Server/Components/Actors/actors_main.cpp
+++ b/Server/Components/Actors/actors_main.cpp
@@ -41,6 +41,15 @@ class ActorsComponent final : public IActorsComponent, public PlayerConnectEvent
 				return false;
 			}
 
+			auto slot = WeaponSlotData(onPlayerDamageActorRPC.WeaponID).slot();
+			if (slot == INVALID_WEAPON_SLOT)
+			{
+				if (onPlayerDamageActorRPC.WeaponID < 49 || onPlayerDamageActorRPC.WeaponID > 54)
+				{
+					return false;
+				}
+			}
+
 			if (onPlayerDamageActorRPC.Bodypart < BodyPart_Torso || onPlayerDamageActorRPC.Bodypart > BodyPart_Head)
 			{
 				return false;

From 5624dd5493e9c963dfb0adb265562a719e68dc90 Mon Sep 17 00:00:00 2001
From: iAmir <hhm6@yahoo.com>
Date: Tue, 26 Dec 2023 19:27:10 +0330
Subject: [PATCH 4/4] use a function for both cases for taken damage weap check

---
 SDK/include/utils.hpp                    | 14 ++++++++++++++
 Server/Components/Actors/actors_main.cpp |  9 +++------
 Server/Source/player_pool.hpp            |  9 +++------
 3 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/SDK/include/utils.hpp b/SDK/include/utils.hpp
index 1891faf9b..3107984a5 100644
--- a/SDK/include/utils.hpp
+++ b/SDK/include/utils.hpp
@@ -1,4 +1,5 @@
 #pragma once
+#include "player.hpp"
 
 #define STRINGIFY(s) _STRINGIFY(s)
 #define _STRINGIFY(s) #s
@@ -14,3 +15,16 @@ inline StringView trim(StringView view)
 	const size_t end = view.find_last_not_of(whitespace);
 	return view.substr(start, end - start + 1);
 }
+
+inline bool IsWeaponForTakenDamageValid(int weapon)
+{
+	auto slot = WeaponSlotData(weapon).slot();
+	if (slot == INVALID_WEAPON_SLOT)
+	{
+		if (weapon < 49 || weapon > 54)
+		{
+			return false;
+		}
+	}
+	return true;
+}
diff --git a/Server/Components/Actors/actors_main.cpp b/Server/Components/Actors/actors_main.cpp
index 0d4045415..474d75f90 100644
--- a/Server/Components/Actors/actors_main.cpp
+++ b/Server/Components/Actors/actors_main.cpp
@@ -8,6 +8,7 @@
 
 #include "actor.hpp"
 #include <Server/Components/Fixes/fixes.hpp>
+#include <utils.hpp>
 
 class ActorsComponent final : public IActorsComponent, public PlayerConnectEventHandler, public PlayerUpdateEventHandler, public PoolEventHandler<IPlayer>
 {
@@ -41,13 +42,9 @@ class ActorsComponent final : public IActorsComponent, public PlayerConnectEvent
 				return false;
 			}
 
-			auto slot = WeaponSlotData(onPlayerDamageActorRPC.WeaponID).slot();
-			if (slot == INVALID_WEAPON_SLOT)
+			if (!IsWeaponForTakenDamageValid(onPlayerDamageActorRPC.WeaponID))
 			{
-				if (onPlayerDamageActorRPC.WeaponID < 49 || onPlayerDamageActorRPC.WeaponID > 54)
-				{
-					return false;
-				}
+				return false;
 			}
 
 			if (onPlayerDamageActorRPC.Bodypart < BodyPart_Torso || onPlayerDamageActorRPC.Bodypart > BodyPart_Head)
diff --git a/Server/Source/player_pool.hpp b/Server/Source/player_pool.hpp
index 28f18df5b..7f5b32445 100644
--- a/Server/Source/player_pool.hpp
+++ b/Server/Source/player_pool.hpp
@@ -10,6 +10,7 @@
 
 #include "player_impl.hpp"
 #include <Server/Components/Console/console.hpp>
+#include <utils.hpp>
 
 struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public PlayerUpdateEventHandler, public CoreEventHandler
 {
@@ -214,13 +215,9 @@ struct PlayerPool final : public IPlayerPool, public NetworkEventHandler, public
 						return false;
 					}
 
-					auto slot = WeaponSlotData(onPlayerGiveTakeDamageRPC.WeaponID).slot();
-					if (slot == INVALID_WEAPON_SLOT)
+					if (!IsWeaponForTakenDamageValid(onPlayerGiveTakeDamageRPC.WeaponID))
 					{
-						if (onPlayerGiveTakeDamageRPC.WeaponID < 49 || onPlayerGiveTakeDamageRPC.WeaponID > 54)
-						{
-							return false;
-						}
+						return false;
 					}
 
 					if (!from->areWeaponsAllowed() && 0 < onPlayerGiveTakeDamageRPC.WeaponID && onPlayerGiveTakeDamageRPC.WeaponID <= 54)