diff arogue5/state.c @ 75:19903deed392

arogue5: fix the crash when checking prices in shops. A buffer called curpurch, which stores a description of an item in a trading post which the player might be interested in, was only 15 bytes. It was overflowing into oldrp, a room pointer, leading to segfaults. The size of curpurch has been increased to LINELEN*2, which matches the size of prbuf, which is returned by inv_name and then strcpy()'d to curpurch. As long as nothing overflows prbuf it should be safe now. NOTE that this breaks savefile compatibility.
author John "Elwin" Edwards <elwin@sdf.org>
date Wed, 05 Sep 2012 10:14:34 -0700
parents c49f7927b0fa
children 09db0cf536af
--- a/arogue5/state.c	Mon Aug 20 20:30:19 2012 -0700
+++ b/arogue5/state.c	Wed Sep 05 10:14:34 2012 -0700
@@ -2294,7 +2294,7 @@
     rs_write_int(savef, turns);
     rs_write_int(savef, quest_item);
     rs_write_char(savef, nfloors);
-    rs_write(savef, curpurch, 15);
+    rs_write(savef, curpurch, LINELEN*2);
     rs_write_char(savef, PLAYER);
     rs_write_char(savef, take);
     rs_write(savef, prbuf, LINELEN);
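Review bot: The length `LINELEN*2` is written by hand in `rs_write(savef, curpurch, LINELEN*2);` and again in the matching `rs_read` in the second hunk, so any later change to the declaration of curpurch has to be repeated in both places or the save code will read or write past the buffer. If curpurch is declared as an array visible in state.c (the declaration is outside this diff), `rs_write(savef, curpurch, sizeof curpurch);` would tie both calls to the real buffer size. The context line `rs_write(savef, prbuf, LINELEN);` saves only LINELEN bytes, while the commit description gives the size of prbuf as LINELEN*2; that is not an overflow, but a short comment saying whether the truncation is intended would help. The enclosing function starts and ends outside the hunk.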
@@ -2420,7 +2420,7 @@
     rs_read_int(inf, &turns);
     rs_read_int(inf, &quest_item);
     rs_read_char(inf, &nfloors);
-    rs_read(inf, &curpurch, 15);
+    rs_read(inf, &curpurch, LINELEN*2);
     rs_read_char(inf, &PLAYER);
     rs_read_char(inf, &take);
     rs_read(inf, &prbuf, LINELEN);
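Review bot: Nothing after `rs_read(inf, &curpurch, LINELEN*2);` guarantees that curpurch is NUL-terminated, so a corrupted or hand-edited save file with no zero byte in this field would make later string handling of curpurch run past the end of the buffer. Assuming curpurch is a char array of that size, adding `curpurch[LINELEN*2 - 1] = '\0';` right after the read closes that. A save written before this commit holds only 15 bytes in this field, so every later field would be read from the wrong offset. The description notes the incompatibility, but no version or size check is visible here; if the restore path does not already reject old files, it should fail cleanly rather than load shifted data. The enclosing function continues outside the hunk.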