From f1b95fe45e40ec0fee485a080b54e3596a8fe0e8 Mon Sep 17 00:00:00 2001
From: Sukishyou <90439522+Sukishyou@users.noreply.github.com>
Date: Fri, 14 Apr 2023 19:43:51 -0500
Subject: [PATCH 1/2] Fix exploit with Duey Send Items

---
 src/main/java/client/processor/npc/DueyProcessor.java | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/main/java/client/processor/npc/DueyProcessor.java b/src/main/java/client/processor/npc/DueyProcessor.java
index 8db12fc8cd..3682b3877f 100644
--- a/src/main/java/client/processor/npc/DueyProcessor.java
+++ b/src/main/java/client/processor/npc/DueyProcessor.java
@@ -285,6 +285,12 @@ public class DueyProcessor {
         if (c.tryacquireClient()) {
             try {
                 int fee = Trade.getFee(sendMesos);
+                if (sendMessage.length() > 100) {
+                    AutobanFactory.PACKET_EDIT.alert(c.getPlayer(), c.getPlayer().getName() + " tried to packet edit with Quick Delivery on duey.");
+                    log.warn("Chr {} tried to use duey with too long of a text", c.getPlayer().getName());
+                    c.disconnect(true, false);
+                    return;
+                }
                 if (!quick) {
                     fee += 5000;
                 } else if (!c.getPlayer().haveItem(ItemId.QUICK_DELIVERY_TICKET)) {

From 301f65ce16e5dc603c71bcc5508e0e01d450d1a5 Mon Sep 17 00:00:00 2001
From: Sukishyou <90439522+Sukishyou@users.noreply.github.com>
Date: Sat, 15 Apr 2023 14:36:00 -0500
Subject: [PATCH 2/2] Add null check to duey packet edit check

---
 src/main/java/client/processor/npc/DueyProcessor.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/client/processor/npc/DueyProcessor.java b/src/main/java/client/processor/npc/DueyProcessor.java
index 3682b3877f..1633e99b71 100644
--- a/src/main/java/client/processor/npc/DueyProcessor.java
+++ b/src/main/java/client/processor/npc/DueyProcessor.java
@@ -285,7 +285,7 @@ public class DueyProcessor {
         if (c.tryacquireClient()) {
             try {
                 int fee = Trade.getFee(sendMesos);
-                if (sendMessage.length() > 100) {
+                if (sendMessage != null && sendMessage.length() > 100) {
                     AutobanFactory.PACKET_EDIT.alert(c.getPlayer(), c.getPlayer().getName() + " tried to packet edit with Quick Delivery on duey.");
                     log.warn("Chr {} tried to use duey with too long of a text", c.getPlayer().getName());
                     c.disconnect(true, false);