Fix for amb519: geoip_code2 and geoip_code3 will overflow the result buffer on an unsuccessful lookup.

Added two replacement natives for those two: geoip_code2_ex and geoip_code3_ex, could not modify the old natives without breaking backwards compatibility.

dlls/geoip/geoip_amxx.cpp

@@ -28,6 +28,39 @@ static cell AMX_NATIVE_CALL amx_geoip_code3(AMX *amx, cell *params)
 	const char *ccode = GeoIP_country_code3_by_addr(gi, ip);
 	return MF_SetAmxString(amx, params[2], ccode?ccode:"error", 4);
 }
+static cell AMX_NATIVE_CALL amx_geoip_code2_ex(AMX *amx, cell *params)
+{
+	int len = 0;
+	char *ip = MF_GetAmxString(amx, params[1], 0, &len);
+	StripPort(ip);
+	const char *ccode = GeoIP_country_code_by_addr(gi, ip);
+	
+	if (ccode == NULL)
+	{
+		return 0;
+	}
+	
+	MF_SetAmxString(amx, params[2], ccode, 2);
+	
+	return 1;
+}
+
+static cell AMX_NATIVE_CALL amx_geoip_code3_ex(AMX *amx, cell *params)
+{
+	int len = 0;
+	char *ip = MF_GetAmxString(amx, params[1], 0, &len);
+	StripPort(ip);
+	const char *ccode = GeoIP_country_code3_by_addr(gi, ip);
+
+	if (ccode == NULL)
+	{
+		return 0;
+	}
+	
+	MF_SetAmxString(amx, params[2], ccode, 3);
+	
+	return 1;
+}
 
 static cell AMX_NATIVE_CALL amx_geoip_country(AMX *amx, cell *params)
 {
@@ -60,6 +93,10 @@ void OnAmxxDetach()
 AMX_NATIVE_INFO geoip_natives[] = {
 	{"geoip_code2",		amx_geoip_code2},
 	{"geoip_code3",		amx_geoip_code3},
+	
+	{"geoip_code2_ex",	amx_geoip_code2_ex},
+	{"geoip_code3_ex",	amx_geoip_code3_ex},
+	
 	{"geoip_country",	amx_geoip_country},
 	{NULL,				NULL},
 };

plugins/include/geoip.inc

@@ -17,13 +17,58 @@
  #pragma library geoip
 #endif
 
-//IP address can contain ports, the ports will be stripped out
+/// IP addresses passed to these natives can contain ports, the ports will be ignored.
 
-//get a two character country code (eg US, CA etc)
+/**
+ * Lookup the two character country code for a given IP address.
+ * e.g: "US", "CA", etc.
+ *
+ * @param ip		The IP address to lookup.
+ * @param result	The result buffer.  If the lookup does not succeed, the buffer is not modified.
+ * @return			true on a successful lookup, false on a failed lookup.
+ */
+native bool:geoip_code2_ex(const ip[], result[3]);
+
+/**
+ * Lookup the three character country code for a given IP address.
+ * e.g: "USA", "cAN", etc.
+ *
+ * @param ip		The IP address to lookup.
+ * @param result	The result buffer.  If the lookup does not succeed, the buffer is not modified.
+ * @return			true on a successful lookup, false on a failed lookup.
+ */
+native bool:geoip_code3_ex(const ip[], result[4]);
+
+/**
+ * @deprecated
+ * Lookup the two character country code for a given IP address.
+ *
+ * @note This native will overflow the buffer by one cell on an unknown ip lookup!
+ * @note Use geoip_code2_ex instead!
+ *
+ * @param ip		The IP address to lookup.
+ * @param result	The result buffer.
+ */
 native geoip_code2(const ip[], ccode[3]);
 
-//get a three character country code (eg USA, cAN etc)
+/**
+ * @deprecated
+ * Lookup the three character country code for a given IP address.
+ *
+ * @note This native will overflow the buffer by one cell on an unknown ip lookup!
+ * @note Use geoip_code3_ex instead!
+ *
+ * @param ip		The IP address to lookup.
+ * @param result	The result buffer.
+ */
 native geoip_code3(const ip[], result[4]);
 
-//get a full country name.  max name is 45 chars
+/**
+ * Lookup the full country name for the given IP address.  Sets the buffer to "error" on
+ * an unsuccessful lookup.
+ *
+ * @param ip		The IP address to lookup.
+ * @param result	The result of the geoip lookup.
+ * @param len		The maximum length of the result buffer.
+ */
 native geoip_country(const ip[], result[], len=45);