In all games, rs_write_room_reference() stored -1 for a nonexistent
room, but rs_read_room_reference() did not check for out-of-bounds
values, leading to pointers to rooms[-1], which sometimes caused
crashes. rs_read_room_reference() has now been modified to use NULL
instead.
Some of the games required further changes to replace NULL with the
pointer to the actual room. Others are capable of handling NULL for
objects not in any room.
The spell-choosing and prayer-choosing routines, when the one-line
inventory option is set, displayed to cw instead of msgw. This caused
permanent corruption of the message line.
Some sections of code that prompt the user for a string of input were
calling get_str() with cw (the player-visible screen containing the
map), which caused whatever the player typed to get printed starting at
cw's idea of the cursor position, which was usually the Rogue's @-sign.
This corrupted the map.
The problem has been fixed by passing msgw (the message line at the top
of the screen) to get_str(), so the player's typing appears where msgw
thinks the cursor should be, which is in the sensible place right after
the prompt. Some other get_str() invocations which used hw or stdscr
have been left unmodified.
A buffer called curpurch, which stores a description of an item in a
trading post which the player might be interested in, was only 15
bytes. It was overflowing into oldrp, a room pointer, leading to
segfaults. The size of curpurch has been increased to LINELEN*2,
which matches the size of prbuf, which is returned by inv_name and
then strcpy()'d to curpurch. As long as nothing overflows prbuf it
should be safe now.
NOTE that this breaks savefile compatibility.
