Integer Overflow Bug Leads To Diablo III Gold Duping 160
Nerval's Lobster writes "Online economies come with their own issues. Case in point is the Auction House for Diablo III, a massively multiplayer game in which players can pay for items in either in-game gold or real-world dollars. Thanks to a bug in the game's latest patch, players could generate massive amounts of virtual gold with little effort, which threatened to throw the in-game economy seriously out of whack. Diablo series publisher Blizzard took corrective steps, but the bug has already attracted a fair share of buzz on gaming and tech-news forums. 'We're still in the process of auditing Auction House and gold trade transactions,' read Blizzard's note on the Battle.net forums. 'We realize this is an inconvenience for many of our players, and we sincerely apologize for the interruption of the service. We hope to have everything back up as soon as possible.' Blizzard was unable to offer an ETA for when the Auction House would come back. 'We'll continue to provide updates in this thread as they become available.' Diablo's gold issue brings up (however tangentially) some broader issues with virtual currencies, namely the bugs and workarounds that can throw an entire micro-economy out of whack. But then again, 'real world' markets have their own software-related problems: witness Wall Street's periodic 'flash crashes' (caused, many believe, by the rise of ultra-high-speed computer trading)."
It seems likely the gold duping was due to a simple integer overflow bug. A late change added to the patch allowed users to sell gold on the Real Money Auction House in stacks of 10 million rather than stacks of 1 million. On the RMAH, there exists both a cap ($250) and a floor ($0.25) for the value of auctions. With stacks of 1 million and a floor of $0.25, a seller could only enter 1 billion gold (1,000 stacks) while staying under the $250 cap. When the gold stack size increased, the value of gold dropped significantly. At $0.39 per 10 million, a user could enter values of up to 6.4 billion gold at a time. Unfortunately, the RMAH wasn't designed to handle gold numbers above 2^31, or 2,147,483,648 gold. Creating the auction wouldn't remove enough gold, but canceling it would return the full amount.
Re:Limit checking (Score:3, Informative)
That 2^31 gold ought to be enough for anybody?
Gryfindor loses 50 points.
Luls. (Score:4, Informative)
Basically this exact thing happened to Kingdom of Loathing... like 9 years ago... at a time when that game was basically still in beta, and was basically the work of two people, neither of whom would actually have called themselves "programmers" at the time... as opposed to the work of a giant team of professionals releasing a triple-A title... that is mega hilarious.
(Black Sunday: August 8th, 2004, someone discovers that using a particular item, "meat vortex", which under normal circumstances subtracts a handful of the game's currency from your inventory, if you had 0 meat would instead wrap around and give you max meat minus a few, because the game was storing meat in an unsigned int. Fun times!)
Re:Confused (Score:5, Informative)
You couldn't be more wrong. Signed ints are usually the best way to go in C/C++.
>in C an unsigned int must behave in a very predictable manor
"unsigned int x = -3;" generates no compile errors or warnings.
If you don't believe me, listen to the creator of C++ (Bjarne Stroustrup):
"The unsigned integer types are ideal for uses that treat storage as a bit array. Using an unsigned instead of an int to gain one more bit to represent positive integers is almost never a good idea. Attempts to ensure that some values are positive by declaring variables unsigned will typically be defeated by the implicit conversion rules."
Re:Limit checking (Score:4, Informative)
One bug, which I reported about WoW two years ago, shows an integer underflow on a character statistics page under certain conditions. It still hasn't been fixed. Minor? Yeah, but give a bit of a pattern.