» SmaugMuds » Bugfix Lists » AFKMud Bugfix List » AFKMud Bug Archive » [Bug] Adding a room affect fa...
Pages:<< prev 1 next >>
#1 Oct 9, 2006 2:44 am
Black Hand
GroupAdministrators
Posts3,685
JoinedJan 1, 2002
Bug: Adding a room affect fails under most conditions
Danger: Medium - Code makes use of uninitialized variables
Discovered in: AFKMud 1.77
Found by: Samson
Fixed by: Samson
---
build.c, do_redit
Locate:
Change to:
Most of the flag checking in the redit command for adding room affects is seriously flawed. The flags are checked via the arg3 string, which is never initialized to anything before reaching this point in the function. So it will be attempting to apply affects which were not intended because the value of arg3 is unpredictable. This bug is likely the result of previous work done to reduce the use of static char[] string declarations for memory saving.
Danger: Medium - Code makes use of uninitialized variables
Discovered in: AFKMud 1.77
Found by: Samson
Fixed by: Samson
---
build.c, do_redit
Locate:
else if( loc == APPLY_RESISTANT || loc == APPLY_IMMUNE || loc == APPLY_SUSCEPTIBLE || loc == APPLY_ABSORB ) { char *risa = arg3; char flag[MIL]; while( risa[0] != '\0' ) { risa = one_argument( risa, flag ); value = get_risflag( flag ); if( value < 0 || value >= MAX_RIS_FLAG ) ch_printf( ch, "Unknown flag: %s\n\r", flag ); else { xSET_BIT( risabit, value ); found = true; } } } else if( loc == APPLY_WEAPONSPELL || loc == APPLY_WEARSPELL || loc == APPLY_REMOVESPELL || loc == APPLY_STRIPSN || loc == APPLY_RECURRINGSPELL || loc == APPLY_EAT_SPELL ) { value = skill_lookup( arg3 ); if( !IS_VALID_SN( value ) ) ch_printf( ch, "Invalid spell: %s", arg3 ); else found = true; } else { value = atoi( arg3 ); found = true; } if( !found ) return;
Change to:
else if( loc == APPLY_RESISTANT || loc == APPLY_IMMUNE || loc == APPLY_SUSCEPTIBLE || loc == APPLY_ABSORB ) { char *risa = argument; char flag[MIL]; while( risa[0] != '\0' ) { risa = one_argument( risa, flag ); value = get_risflag( flag ); if( value < 0 || value >= MAX_RIS_FLAG ) ch_printf( ch, "Unknown flag: %s\n\r", flag ); else { xSET_BIT( risabit, value ); found = true; } } } else if( loc == APPLY_WEAPONSPELL || loc == APPLY_WEARSPELL || loc == APPLY_REMOVESPELL || loc == APPLY_STRIPSN || loc == APPLY_RECURRINGSPELL || loc == APPLY_EAT_SPELL ) { value = skill_lookup( argument ); if( !IS_VALID_SN( value ) ) ch_printf( ch, "Invalid spell: %s", argument ); else found = true; } else { value = atoi( argument ); found = true; } if( !found ) return;
Most of the flag checking in the redit command for adding room affects is seriously flawed. The flags are checked via the arg3 string, which is never initialized to anything before reaching this point in the function. So it will be attempting to apply affects which were not intended because the value of arg3 is unpredictable. This bug is likely the result of previous work done to reduce the use of static char[] string declarations for memory saving.
Pages:<< prev 1 next >>