lol hahaha
Let me tell you why you don't want to bother with "clientside" fixing...
What happens when someone else uses a different client exe but yours to connect?
What happens when someone uses your client and just sends the packets directly without relying on the client?
The real solution at this point is to filter the string out of your packets serverside, that way you can prevent the crashing, log who does it, disconnect just them etc.
Enough of the source code for tantra was released that you can have a look and write new code to handle it. The same goes for all these dupes that people are exploiting, all you really need to do is save the character data right after they do anything important, eg: trading, buying, selling.