Mercurial > hg > early-roguelike
comparison arogue5/rogue.c @ 75:19903deed392
arogue5: fix the crash when checking prices in shops.
A buffer called curpurch, which stores a description of an item in a
trading post which the player might be interested in, was only 15
bytes. It was overflowing into oldrp, a room pointer, leading to
segfaults. The size of curpurch has been increased to LINELEN*2,
which matches the size of prbuf, which is returned by inv_name and
then strcpy()'d to curpurch. As long as nothing overflows prbuf it
should be safe now.
NOTE that this breaks savefile compatibility.
| author | John "Elwin" Edwards <elwin@sdf.org> |
|---|---|
| date | Wed, 05 Sep 2012 10:14:34 -0700 |
| parents | b27bd9f8c7d0 |
| children | ee250e3646fd |
comparison
equal
deleted
inserted
replaced
| 74:0fd87c5c5fca | 75:19903deed392 |
|---|---|
| 63 int pray_time = 0; | 63 int pray_time = 0; |
| 64 int spell_power = 0; | 64 int spell_power = 0; |
| 65 int turns = 0; /* Number of turns player has taken */ | 65 int turns = 0; /* Number of turns player has taken */ |
| 66 int quest_item = 0; /* Item player is looking for */ | 66 int quest_item = 0; /* Item player is looking for */ |
| 67 char nfloors = -1; /* Number of floors in this dungeon */ | 67 char nfloors = -1; /* Number of floors in this dungeon */ |
| 68 char curpurch[15]; /* name of item ready to buy */ | 68 char curpurch[LINELEN*2]; /* name of item ready to buy */ |
| 69 char PLAYER = VPLAYER; /* what the player looks like */ | 69 char PLAYER = VPLAYER; /* what the player looks like */ |
| 70 char take; /* Thing the rogue is taking */ | 70 char take; /* Thing the rogue is taking */ |
| 71 char prbuf[LINELEN*2]; /* Buffer for sprintfs */ | 71 char prbuf[LINELEN*2]; /* Buffer for sprintfs */ |
| 72 char outbuf[BUFSIZ]; /* Output buffer for stdout */ | 72 char outbuf[BUFSIZ]; /* Output buffer for stdout */ |
| 73 char runch; /* Direction player is running */ | 73 char runch; /* Direction player is running */ |