diff options
author | Andrei Karas <akaras@inbox.ru> | 2014-12-25 17:41:42 +0300 |
---|---|---|
committer | Andrei Karas <akaras@inbox.ru> | 2014-12-31 23:06:27 +0300 |
commit | a71a056abb8931aa4a11d0cde296fe9de68ee6df (patch) | |
tree | 0ebda387e185404e2670a0c6f81b38b2cd1dbc95 | |
parent | db5fd3795cba3d30bb3d031719a272eec23cd586 (diff) | |
download | hercules-a71a056abb8931aa4a11d0cde296fe9de68ee6df.tar.gz hercules-a71a056abb8931aa4a11d0cde296fe9de68ee6df.tar.bz2 hercules-a71a056abb8931aa4a11d0cde296fe9de68ee6df.tar.xz hercules-a71a056abb8931aa4a11d0cde296fe9de68ee6df.zip |
Fix possible memory overflows and underflows.
-rw-r--r-- | src/map/clif.c | 4 | ||||
-rw-r--r-- | src/map/mob.c | 2 | ||||
-rw-r--r-- | src/map/pc.c | 2 |
3 files changed, 5 insertions, 3 deletions
diff --git a/src/map/clif.c b/src/map/clif.c index d7b10f2f4..a1eb6662f 100644 --- a/src/map/clif.c +++ b/src/map/clif.c @@ -14495,8 +14495,8 @@ void clif_ranking_pk(struct map_session_data* sd) { WFIFOHEAD(fd,packet_len(0x238)); WFIFOW(fd,0) = 0x238; - for(i=0;i<10;i++){ - memcpy(WFIFOP(fd,i*24+2), "Unknown", NAME_LENGTH); + for (i = 0; i < 10;i ++) { + strncpy((char*)WFIFOP(fd, i * 24 + 2), "Unknown", NAME_LENGTH); WFIFOL(fd,i*4+242) = 0; } WFIFOSET(fd, packet_len(0x238)); diff --git a/src/map/mob.c b/src/map/mob.c index 4db8cb2f6..96ee83d3b 100644 --- a/src/map/mob.c +++ b/src/map/mob.c @@ -4324,7 +4324,7 @@ bool mob_parse_row_mobskilldb(char** str, int columns, int current) if( strcmp(str[1],"clear")==0 ){ if (mob_id < 0) return false; - memset(mob->db_data[mob_id]->skill,0,sizeof(struct mob_skill)); + memset(mob->db_data[mob_id]->skill,0,sizeof(struct mob_skill) * MAX_MOBSKILL); mob->db_data[mob_id]->maxskill=0; return true; } diff --git a/src/map/pc.c b/src/map/pc.c index e39ddbff2..356b57e5b 100644 --- a/src/map/pc.c +++ b/src/map/pc.c @@ -1422,6 +1422,7 @@ int pc_calc_skilltree(struct map_session_data *sd) { //Enable Bard/Dancer spirit linked skills. if( sd->status.sex ) { //Link dancer skills to bard. + // i can be < 8? if( sd->status.skill[i-8].lv < 10 ) continue; sd->status.skill[i].id = skill->db[i].nameid; @@ -1430,6 +1431,7 @@ int pc_calc_skilltree(struct map_session_data *sd) } else { //Link bard skills to dancer. if( sd->status.skill[i].lv < 10 ) continue; + // i can be < 8? sd->status.skill[i-8].id = skill->db[i-8].nameid; sd->status.skill[i-8].lv = sd->status.skill[i].lv; // Set the level to the same as the linking skill sd->status.skill[i-8].flag = SKILL_FLAG_TEMPORARY; // Tag it as a non-savable, non-uppable, bonus skill |