Bug: Line editor crashes when overfilled
Danger: Critical - Buffer overrun crash
Discovered in: AFKMud 2.01
Found by: John
Fixed by: Samson

---

editor.cpp, in struct editor_data

Locate:

   char line[49][81];

Change to:

   char line[max_buf_lines][81];

editor.cpp, char_data::start_editing

Locate:

         if( lines >= 49 || size > 4096 )

Change to:

         if( lines >= max_buf_lines || size > MSL )

Locate:

   if( lpos > 0 && lpos < 78 && lines < 49 )

Change to:

   if( lpos > 0 && lpos < 78 && lines < max_buf_lines )

editor.cpp, start_editing

Locate:

         if( lines >= 49 || size > 4096 )

Change to:

         if( lines >= max_buf_lines || size > MSL )

Locate:

   if( lpos > 0 && lpos < 78 && lines < 49 )

Change to:

   if( lpos > 0 && lpos < 78 && lines < max_buf_lines )

Classic case of not catching everything that needed to get changed. At some point along the way we decided to make it easier for us to change the number of lines a line editor can hold from 49 to 60. Don't remember exactly why, but we did. In doing so I decided to make the number of lines easily changed from one spot but forgot about other places the original 49 was used. So the code was trying to treat a 49 line buffer as though it had 60 lines, which is a Bad Thing(tm).