Mercurial > hg > early-roguelike
diff arogue5/state.c @ 75:19903deed392
arogue5: fix the crash when checking prices in shops.
A buffer called curpurch, which stores a description of an item in a
trading post which the player might be interested in, was only 15
bytes. It was overflowing into oldrp, a room pointer, leading to
segfaults. The size of curpurch has been increased to LINELEN*2,
which matches the size of prbuf, which is returned by inv_name and
then strcpy()'d to curpurch. As long as nothing overflows prbuf it
should be safe now.
NOTE that this breaks savefile compatibility.
author | John "Elwin" Edwards <elwin@sdf.org> |
---|---|
date | Wed, 05 Sep 2012 10:14:34 -0700 |
parents | c49f7927b0fa |
children | 09db0cf536af |
line wrap: on
line diff
--- a/arogue5/state.c Mon Aug 20 20:30:19 2012 -0700 +++ b/arogue5/state.c Wed Sep 05 10:14:34 2012 -0700 @@ -2294,7 +2294,7 @@ rs_write_int(savef, turns); rs_write_int(savef, quest_item); rs_write_char(savef, nfloors); - rs_write(savef, curpurch, 15); + rs_write(savef, curpurch, LINELEN*2); rs_write_char(savef, PLAYER); rs_write_char(savef, take); rs_write(savef, prbuf, LINELEN); @@ -2420,7 +2420,7 @@ rs_read_int(inf, &turns); rs_read_int(inf, &quest_item); rs_read_char(inf, &nfloors); - rs_read(inf, &curpurch, 15); + rs_read(inf, &curpurch, LINELEN*2); rs_read_char(inf, &PLAYER); rs_read_char(inf, &take); rs_read(inf, &prbuf, LINELEN);