[Crash] Unchecked msg.eggAmount numeric operation in addEggs handler

## Summary
Services server produces NaN when `msg.eggAmount` is undefined, corrupting user balance.

## Affected Code
`server-services/start-services.js:378`

```javascript
userData.currentBalance += (msg.eggAmount * eggMultiplier); // NaN if msg.eggAmount undefined
```

## Vulnerability
If client sends `{"cmd":"addEggs"}` without `eggAmount` field, balance becomes NaN.

## Impact
- User balance corruption
- Database integrity issue
- Potential crashes on subsequent balance operations

## Proof of Concept
```json
{"cmd":"addEggs","session":"valid_session"}
```
Result: `userData.currentBalance = NaN`

## Recommended Fix
```javascript
const eggAmount = parseInt(msg.eggAmount) || 0;
if (eggAmount > 0 && eggAmount < 10000) { // Add reasonable bounds
  userData.currentBalance += (eggAmount * eggMultiplier);
}
```

## References
- PR: https://github.com/onlypuppy7/LegacyShell/pull/43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Crash] Unchecked msg.eggAmount numeric operation in addEggs handler #67

Summary

Affected Code

Vulnerability

Impact

Proof of Concept

Recommended Fix

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[Crash] Unchecked msg.eggAmount numeric operation in addEggs handler #67

Description

Summary

Affected Code

Vulnerability

Impact

Proof of Concept

Recommended Fix

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions