From 6164897cfc199333b80e73f2b989bac93b7aeca4 Mon Sep 17 00:00:00 2001
From: "John \"Elwin\" Edwards"
Date: Sun, 10 Sep 2017 21:04:22 -0400
Subject: [PATCH] UltraRogue: prevent bad array accesses in call().
Marking non-magic items caused segfaults because item_color was set to NULL. item_type could also be used as an out-of-bounds index. These problems have been fixed by only using these variables when the mark argument is false, in which case they are properly initialized. A fall-through case statement was also fixed.
---
 urogue/command.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/urogue/command.c b/urogue/command.c
index b081a0b..fb5bf1e 100644
--- a/urogue/command.c
+++ b/urogue/command.c
@@ -1303,6 +1303,7 @@ call(int mark)
 case STICK:
 item_type = TYP_STICK;
 item_color = ws_made;
+ break;
 default:
 if (!mark)
 {
@@ -1312,10 +1313,7 @@ call(int mark)
 break;
 }
- elsewise = (guess_items[item_type][obj->o_which] != NULL ?
- guess_items[item_type][obj->o_which] : item_color[obj->o_which]);
-
- if (know_items[item_type][obj->o_which] && !mark)
+ if (!mark && know_items[item_type][obj->o_which])
 {
 msg("That has already been identified.");
 return;
@@ -1331,6 +1329,9 @@ call(int mark)
 }
 else
 {
+ elsewise = (guess_items[item_type][obj->o_which] != NULL ?
+ guess_items[item_type][obj->o_which] : item_color[obj->o_which]);
+
 msg("Was called \"%s\".", elsewise);
 msg("What do you want to call it? ");
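Review bot: The reordered test `if (!mark && know_items[item_type][obj->o_which])` in the second hunk is memory-safe only through short-circuit evaluation, and nothing in the code records that `item_type` and `item_color` are valid only when `mark` is false. A comment above it such as `/* item_type/item_color are only set up when !mark; test !mark first */` would keep a later edit from swapping the operands back and reintroducing the out-of-bounds read. The same invariant covers the `elsewise` computation moved into the `else` branch in the third hunk. The `if` that owns that branch lies outside the hunk, so it is worth confirming that it tests `mark`. `obj->o_which` is also used as an index with no range check visible in these hunks, so if none exists earlier in call(), a bounds check before indexing `know_items`, `guess_items` and `item_color` would close the remaining bad-index path.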