diff options
| author | Kenpachi Developer <Kenpachi.Developer@gmx.de> | 2020-07-04 00:16:30 +0200 |
|---|---|---|
| committer | Kenpachi Developer <Kenpachi.Developer@gmx.de> | 2020-07-04 00:16:30 +0200 |
| commit | 69c777b219a8da1d6004be6c5bda8f590283318e (patch) | |
| tree | 18d3eab15f3883a67d8626b721a8bcf40b9cd0eb | |
| parent | 2eff14f905ad2a9493dcf879b16a4d4a0c5b8508 (diff) | |
| download | hercules-69c777b219a8da1d6004be6c5bda8f590283318e.tar.gz hercules-69c777b219a8da1d6004be6c5bda8f590283318e.tar.bz2 hercules-69c777b219a8da1d6004be6c5bda8f590283318e.tar.xz hercules-69c777b219a8da1d6004be6c5bda8f590283318e.zip | |
Validate return value of status_get_element(src) before using it as array index
| -rw-r--r-- | src/map/battle.c | 50 |
1 files changed, 30 insertions, 20 deletions
diff --git a/src/map/battle.c b/src/map/battle.c index 956cc4a49..98569f436 100644 --- a/src/map/battle.c +++ b/src/map/battle.c @@ -1070,15 +1070,20 @@ static int64 battle_calc_cardfix(int attack_type, struct block_list *src, struct } // Apply bMagicSubDefEle damage reduction. - switch (src->type) { - case BL_MOB: - ele_fix += tsd->magic_sub_def_ele[status_get_element(src)].rate_mob; - break; - case BL_PC: - ele_fix += tsd->magic_sub_def_ele[status_get_element(src)].rate_pc; - break; - default: - break; + enum elements def_ele = status_get_element(src); + + if ((src->type == BL_MOB || src->type == BL_PC) + && !Assert_chk(def_ele >= ELE_NEUTRAL && def_ele < ELE_MAX)) { + switch (src->type) { + case BL_MOB: + ele_fix += tsd->magic_sub_def_ele[def_ele].rate_mob; + break; + case BL_PC: + ele_fix += tsd->magic_sub_def_ele[def_ele].rate_pc; + break; + default: + break; + } } cardfix = cardfix * (100 - ele_fix) / 100; @@ -1249,18 +1254,23 @@ static int64 battle_calc_cardfix(int attack_type, struct block_list *src, struct } // Apply bSubDefEle damage reduction. - switch (src->type) { - case BL_MOB: - ele_fix = tsd->sub_def_ele[status_get_element(src)].rate_mob; - break; - case BL_PC: - ele_fix = tsd->sub_def_ele[status_get_element(src)].rate_pc; - break; - default: - break; - } + enum elements def_ele = status_get_element(src); - cardfix = cardfix * (100 - ele_fix) / 100; + if ((src->type == BL_MOB || src->type == BL_PC) + && !Assert_chk(def_ele >= ELE_NEUTRAL && def_ele < ELE_MAX)) { + switch (src->type) { + case BL_MOB: + ele_fix = tsd->sub_def_ele[def_ele].rate_mob; + break; + case BL_PC: + ele_fix = tsd->sub_def_ele[def_ele].rate_pc; + break; + default: + break; + } + + cardfix = cardfix * (100 - ele_fix) / 100; + } } cardfix = cardfix * (100-tsd->subsize[sstatus->size]) / 100; cardfix = cardfix * (100-tsd->subrace2[s_race2]) / 100; |