Based on error report from JTP in the tbamud forums. If an attacker was able to start a session and then break the connection, the process_output function would fail. This would trigger two calls to close_socket on the same descriptor. This in turn results in a double free on the character struct.
https://www.tbamud.com/kunena/4-development/5617-another-core-dump-not-long-after-the-one-earlier
Thanks to JTP for the bug report.
* Added loop counter per while instead of global. fixes#135
* Revert "Added loop counter per while instead of global. fixes#135"
This reverts commit 59cf6a1fb2.
* Remove extraneous reset of loop var.
Fixes#135
Thanks to bylins for the fix - https://github.com/bylins
continued the loop, not returned since it isn't likely to be the end of
the wld file.
Added the ability to specify multiple files on the command line. This
will load all files passed before processing into html files. This is to
fix the 'missing exits' from the output html files. The prior version
only worked on a single zone or wld file and generated incomplete
output. The record count was moved global to enable proper tracking of
the entire world. The index_boot function was modified to scan the files
first, get a record count, then start over and load the room records.
example usage: wld2html *.wld
This command will generate the entire world as one html file per room.
Fixed room number roll over. The original was using a short int which is
a 16bit int and rolls at 32k.
Fixed an issue where the html files would get negative names due to
integer rollover. It had something to do with sprintf an int using %d,
but only if you passed that to fopen. Casting the int (room number) to
a long before using sprintf with %ld fixed the issue.
Added the missing four directions from the dir_names array and defines.
Co-authored-by: Dan Danese <biouxtia@danese.us>
Triggers on elements of the room break this utility. Added code to toss them since we don't need them. Can add handling that pulls the trigger info later if desired, but too time consuming to index them before building the room for this simple tool.
Used code formatter to correct indentations and align all {} in lACMD(do_exits)
Checked for unmactched braces and found none.
My code editor shows all {} are matched.
Used code formatter to correct indentations and align all {} in the look_at_room()
Checked for unmactched braces and found none.
My code editor shows all {} are matched.
Fixes unguarded blocks of code in ACMD(do_exits) that could cause the server to report scripted trigger events (mob movements, exit links to rooms being reassigned, and doors being opened or closed) as script errors. Particularly, if this code is copy and pasted into the do_auto_exits().
Fixes the display order of objects in obj_to_room().
Objects are now displayed in the order they are placed/dropped. This prevents fountains, boards, etcetera from "moving" around the room.
This corrects an issue encountered when loading world information on the Raspberry Pi. Sometimes, there is a ~ stored in the memory location in front of tmp char array. The for loop will decrement below the starting memory address, making it read the ~ and think it's at the end of the room, causing an error and preventing the MUD from loading.
This change checks the memory address of tmp, ensuring it is > the starting memory address before decrementing it in the for() loop. Then, the if/else checks to ensure the carriage return and newline are properly placed to prevent duplication.
* Make sure all followers are free'd before freeing the character list
Otherwise, the followers structs will point to free'd memory and
the stop_follower call will attempt to dereference a free'd
characters' followers list.
* fix gcc warning: truncation in strncat
In file included from /usr/include/string.h:494,
from sysdep.h:74,
from act.item.c:12:
In function ‘strncat’,
inlined from ‘name_from_drinkcon’ at act.item.c:804:5,
inlined from ‘name_from_drinkcon’ at act.item.c:769:6:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:136:10: warning: ‘__builtin_strncat’ output truncated before terminating nul copying as many bytes from a string as its length [-Wstringop-truncation]
136 | return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
act.item.c: In function ‘name_from_drinkcon’:
act.item.c:797:16: note: length computed here
797 | cpylen = strlen(cur_name);
| ^~~~~~~~~~~~~~~~
* Whitespace cleanup before bugfix
* Fix warnings for gcc-9.2.1
Also, fixed an ancient FIXME and a known bad strcat usage.
spell_parser.c: In function ‘say_spell’:
spell_parser.c:135:75: warning: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 216 [-Wformat-truncation=]
135 | snprintf(buf1, sizeof(buf1), "$n stares at you and utters the words, '%s'.",
| ^~
In file included from /usr/include/stdio.h:867,
from sysdep.h:69,
from spell_parser.c:12:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 43 and 298 bytes into a destination of size 256
