summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorshennetsind <ind@henn.et>2015-01-18 11:37:45 -0200
committershennetsind <ind@henn.et>2015-01-18 11:37:45 -0200
commitd0725afa8363b5f7b0612e087b48013d39339039 (patch)
tree3f521b45f4b0f0d3e7dee31cacfdd78d7be867ab
parenta3c4d675ba19df385be5d1e3966c61de7186da57 (diff)
downloadhercules-d0725afa8363b5f7b0612e087b48013d39339039.tar.gz
hercules-d0725afa8363b5f7b0612e087b48013d39339039.tar.bz2
hercules-d0725afa8363b5f7b0612e087b48013d39339039.tar.xz
hercules-d0725afa8363b5f7b0612e087b48013d39339039.zip
Fixing 38 issues
Addressing out of bounds read/write, pointless null checks on already deferenced variables, dead code. Special Thanks to 4144 and Haruna! Signed-off-by: shennetsind <ind@henn.et>
-rw-r--r--src/char/char.c4
-rw-r--r--src/common/console.c2
-rw-r--r--src/common/mapindex.c3
-rw-r--r--src/common/utils.c21
-rw-r--r--src/map/atcommand.c23
-rw-r--r--src/map/battle.c8
-rw-r--r--src/map/chrif.c4
-rw-r--r--src/map/clif.c6
-rw-r--r--src/map/duel.c2
-rw-r--r--src/map/elemental.c1
-rw-r--r--src/map/intif.c3
-rw-r--r--src/map/map.c6
-rw-r--r--src/map/npc.c3
-rw-r--r--src/map/pc.c34
-rw-r--r--src/map/pet.c2
-rw-r--r--src/map/script.c16
-rw-r--r--src/map/skill.c30
-rw-r--r--src/map/status.c14
-rw-r--r--src/map/trade.c8
-rw-r--r--src/tool/mapcache.c6
20 files changed, 111 insertions, 85 deletions
diff --git a/src/char/char.c b/src/char/char.c
index 1d9d1d65c..3d328efa9 100644
--- a/src/char/char.c
+++ b/src/char/char.c
@@ -3009,12 +3009,12 @@ void char_send_maps(int fd, int id, int j)
// Transmitting the maps of the other map-servers to the new map-server
for(x = 0; x < ARRAYLENGTH(chr->server); x++) {
if (chr->server[x].fd > 0 && x != id) {
- WFIFOHEAD(fd,10 +4*ARRAYLENGTH(chr->server[x].map));
+ WFIFOHEAD(fd,10 +4*chr->server[x].maps);
WFIFOW(fd,0) = 0x2b04;
WFIFOL(fd,4) = htonl(chr->server[x].ip);
WFIFOW(fd,8) = htons(chr->server[x].port);
j = 0;
- for(i = 0; i < ARRAYLENGTH(chr->server[x].map); i++)
+ for(i = 0; i < chr->server[x].maps; i++)
if (chr->server[x].map[i])
WFIFOW(fd,10+(j++)*4) = chr->server[x].map[i];
if (j > 0) {
diff --git a/src/common/console.c b/src/common/console.c
index d9567a313..97ca0650e 100644
--- a/src/common/console.c
+++ b/src/common/console.c
@@ -382,7 +382,7 @@ void console_parse_sub(char *line) {
return;
} else
cmd = cmd->u.next[i];
- len += snprintf(sublist + len,CP_CMD_LENGTH * 5,":%s", cmd->cmd);
+ len += snprintf(sublist + len,(CP_CMD_LENGTH * 5) - len,":%s", cmd->cmd);
}
ShowError("Is only a category, type '"CL_WHITE"%s help"CL_RESET"' to list its subcommands\n",sublist);
}
diff --git a/src/common/mapindex.c b/src/common/mapindex.c
index 0d8a69726..2264721fa 100644
--- a/src/common/mapindex.c
+++ b/src/common/mapindex.c
@@ -48,7 +48,7 @@ const char* mapindex_getmapname_ext(const char* string, char* output) {
size_t len;
- strcpy(buf,string);
+ safestrncpy(buf,string, sizeof(buf));
sscanf(string, "%*[^#]%*[#]%15s", buf);
len = safestrnlen(buf, MAP_NAME_LENGTH);
@@ -154,6 +154,7 @@ int mapindex_init(void) {
switch (sscanf(line, "%12s\t%d", map_name, &index)) {
case 1: //Map with no ID given, auto-assign
index = last_index+1;
+ /* Fall through */
case 2: //Map with ID given
mapindex->addmap(index,map_name);
total++;
diff --git a/src/common/utils.c b/src/common/utils.c
index 5688362de..5ede86296 100644
--- a/src/common/utils.c
+++ b/src/common/utils.c
@@ -19,6 +19,7 @@
#include "../common/mmo.h"
#include "../common/showmsg.h"
#include "../common/socket.h"
+#include "../common/strlib.h"
#ifdef WIN32
# include "../common/winapi.h"
@@ -156,16 +157,18 @@ static char* checkpath(char *path, const char*srcpath)
{
// just make sure the char*path is not const
char *p=path;
- if(NULL!=path && NULL!=srcpath)
- while(*srcpath) {
- if (*srcpath=='\\') {
- *p++ = '/';
- srcpath++;
+
+ if(NULL!=path && NULL!=srcpath) {
+ while(*srcpath) {
+ if (*srcpath=='\\') {
+ *p++ = '/';
+ srcpath++;
+ }
+ else
+ *p++ = *srcpath++;
}
- else
- *p++ = *srcpath++;
+ *p = *srcpath; //EOS
}
- *p = *srcpath; //EOS
return path;
}
@@ -177,7 +180,7 @@ void findfile(const char *p, const char *pat, void (func)(const char*))
char tmppath[MAX_DIR_PATH+1];
char path[MAX_DIR_PATH+1]= ".";
const char *pattern = (pat==NULL)? "" : pat;
- if(p!=NULL) strcpy(path,p);
+ if(p!=NULL) safestrncpy(path,p,sizeof(path));
// open the directory for reading
dir = opendir( checkpath(path, path) );
diff --git a/src/map/atcommand.c b/src/map/atcommand.c
index a947b8f47..f750b307a 100644
--- a/src/map/atcommand.c
+++ b/src/map/atcommand.c
@@ -6177,14 +6177,15 @@ ACMD(users)
}
mapit->free(iter);
- // display results for each map
- for( i = 0; i < MAX_MAPINDEX; ++i )
- {
- if( users[i] == 0 )
- continue;// empty
+ if( users_all ) {
+ // display results for each map
+ for( i = 0; i < MAX_MAPINDEX; ++i ) {
+ if( users[i] == 0 )
+ continue;// empty
- safesnprintf(buf, sizeof(buf), "%s: %d (%.2f%%)", mapindex_id2name(i), users[i], (float)(100.0f*users[i]/users_all));
- clif->message(sd->fd, buf);
+ safesnprintf(buf, sizeof(buf), "%s: %d (%.2f%%)", mapindex_id2name(i), users[i], (float)(100.0f*users[i]/users_all));
+ clif->message(sd->fd, buf);
+ }
}
// display overall count
@@ -6616,7 +6617,7 @@ ACMD(mobinfo)
sprintf(atcmd_output, msg_txt(1247), monster->mexp); // MVP Bonus EXP:%u
clif->message(fd, atcmd_output);
- strcpy(atcmd_output, msg_txt(1248)); // MVP Items:
+ safestrncpy(atcmd_output, msg_txt(1248), sizeof(atcmd_output)); // MVP Items:
j = 0;
for (i = 0; i < MAX_MVP_DROP; i++) {
if (monster->mvpitem[i].nameid <= 0 || (item_data = itemdb->exists(monster->mvpitem[i].nameid)) == NULL)
@@ -7086,12 +7087,12 @@ ACMD(iteminfo)
clif->message(fd, atcmd_output);
if (item_data->maxchance == -1)
- strcpy(atcmd_output, msg_txt(1281)); // - Available in the shops only.
+ safestrncpy(atcmd_output, msg_txt(1281), sizeof(atcmd_output)); // - Available in the shops only.
else if ( !battle_config.atcommand_mobinfo_type ) {
if( item_data->maxchance )
sprintf(atcmd_output, msg_txt(1282), (float)item_data->maxchance / 100 ); // - Maximal monsters drop chance: %02.02f%%
else
- strcpy(atcmd_output, msg_txt(1283)); // - Monsters don't drop this item.
+ safestrncpy(atcmd_output, msg_txt(1283), sizeof(atcmd_output)); // - Monsters don't drop this item.
}
clif->message(fd, atcmd_output);
@@ -7130,7 +7131,7 @@ ACMD(whodrops)
clif->message(fd, atcmd_output);
if (item_data->mob[0].chance == 0) {
- strcpy(atcmd_output, msg_txt(1286)); // - Item is not dropped by mobs.
+ safestrncpy(atcmd_output, msg_txt(1286), sizeof(atcmd_output)); // - Item is not dropped by mobs.
clif->message(fd, atcmd_output);
} else {
sprintf(atcmd_output, msg_txt(1287), MAX_SEARCH); // - Common mobs with highest drop chance (only max %d are listed):
diff --git a/src/map/battle.c b/src/map/battle.c
index f332dd330..a5090c641 100644
--- a/src/map/battle.c
+++ b/src/map/battle.c
@@ -749,7 +749,8 @@ int64 battle_calc_masteryfix(struct block_list *src, struct block_list *target,
#endif
case RA_WUGDASH://(Caster Current Weight x 10 / 8)
if( sd->weight )
- damage += sd->weight / 8 ;
+ damage += sd->weight / 8;
+ /* Fall through */
case RA_WUGSTRIKE:
case RA_WUGBITE:
damage += 30*pc->checkskill(sd, RA_TOOTHOFWUG);
@@ -1508,6 +1509,7 @@ int battle_calc_skillratio(int attack_type, struct block_list *src, struct block
if ( sd && sd->spiritcharm[SPIRITS_TYPE_CHARM_WATER] > 0 )
skillratio += 5 * sd->spiritcharm[SPIRITS_TYPE_CHARM_WATER];
#endif
+ /* Fall through */
case NJ_HYOUSYOURAKU:
skillratio += 50 * skill_lv;
if ( sd && sd->spiritcharm[SPIRITS_TYPE_CHARM_WATER] > 0 )
@@ -1521,6 +1523,7 @@ int battle_calc_skillratio(int attack_type, struct block_list *src, struct block
case NJ_KAMAITACHI:
if ( sd && sd->spiritcharm[SPIRITS_TYPE_CHARM_WIND] > 0 )
skillratio += 10 * sd->spiritcharm[SPIRITS_TYPE_CHARM_WIND];
+ /* Fall through */
case NPC_ENERGYDRAIN:
skillratio += 100 * skill_lv;
break;
@@ -2459,6 +2462,7 @@ int battle_calc_skillratio(int attack_type, struct block_list *src, struct block
break;
case GN_SPORE_EXPLOSION:
skillratio = 100 * skill_lv + (200 + st->int_) * status->get_lv(src) / 100;
+ /* Fall through */
case GN_CRAZYWEED_ATK:
skillratio += 400 + 100 * skill_lv;
break;
@@ -3521,6 +3525,7 @@ struct Damage battle_calc_magic_attack(struct block_list *src,struct block_list
ad.flag = BF_WEAPON|BF_SHORT;
ad.type = 0;
}
+ /* Fall through */
default:
MATK_RATE(battle->calc_skillratio(BF_MAGIC, src, target, skill_id, skill_lv, skillratio, mflag));
}
@@ -4806,6 +4811,7 @@ struct Damage battle_calc_weapon_attack(struct block_list *src,struct block_list
}
wd.damage = battle->calc_masteryfix(src, target, skill_id, skill_lv, wd.damage, wd.div_, 0, flag.weapon);
}
+ /* Fall through */
#endif
default:
ATK_RATE(battle->calc_skillratio(BF_WEAPON, src, target, skill_id, skill_lv, skillratio, wflag));
diff --git a/src/map/chrif.c b/src/map/chrif.c
index a5003ab95..153216cef 100644
--- a/src/map/chrif.c
+++ b/src/map/chrif.c
@@ -952,14 +952,14 @@ void chrif_idbanned(int fd) {
time_t timestamp;
char tmpstr[2048];
timestamp = (time_t)RFIFOL(fd,7); // status or final date of a banishment
- strcpy(tmpstr, msg_txt(423)); //"Your account has been banished until "
+ safestrncpy(tmpstr, msg_txt(423), sizeof(tmpstr)); //"Your account has been banished until "
strftime(tmpstr + strlen(tmpstr), 24, "%d-%m-%Y %H:%M:%S", localtime(&timestamp));
clif->message(sd->fd, tmpstr);
} else if (RFIFOB(fd,6) == 2) { // 2: change of status for character
time_t timestamp;
char tmpstr[2048];
timestamp = (time_t)RFIFOL(fd,7); // status or final date of a banishment
- strcpy(tmpstr, msg_txt(433)); //"This character has been banned until "
+ safestrncpy(tmpstr, msg_txt(433), sizeof(tmpstr)); //"This character has been banned until "
strftime(tmpstr + strlen(tmpstr), 24, "%d-%m-%Y %H:%M:%S", localtime(&timestamp));
clif->message(sd->fd, tmpstr);
}
diff --git a/src/map/clif.c b/src/map/clif.c
index ae6b6d939..57e01278b 100644
--- a/src/map/clif.c
+++ b/src/map/clif.c
@@ -404,6 +404,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target
case AREA_WOSC:
if (sd && bl->prev == NULL) //Otherwise source misses the packet.[Skotlex]
clif->send (buf, len, bl, SELF);
+ /* Fall through */
case AREA_WOC:
case AREA_WOS:
map->foreachinarea(clif->send_sub, bl->m, bl->x-AREA_SIZE, bl->y-AREA_SIZE, bl->x+AREA_SIZE, bl->y+AREA_SIZE,
@@ -443,6 +444,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target
y0 = bl->y - AREA_SIZE;
x1 = bl->x + AREA_SIZE;
y1 = bl->y + AREA_SIZE;
+ /* Fall through */
case PARTY:
case PARTY_WOS:
case PARTY_SAMEMAP:
@@ -518,6 +520,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target
y0 = bl->y - AREA_SIZE;
x1 = bl->x + AREA_SIZE;
y1 = bl->y + AREA_SIZE;
+ /* Fall through */
case GUILD_SAMEMAP:
case GUILD_SAMEMAP_WOS:
case GUILD:
@@ -569,6 +572,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target
y0 = bl->y - AREA_SIZE;
x1 = bl->x + AREA_SIZE;
y1 = bl->y + AREA_SIZE;
+ /* Fall through */
case BG_SAMEMAP:
case BG_SAMEMAP_WOS:
case BG:
@@ -5629,7 +5633,7 @@ void clif_displaymessage2(const int fd, const char* mes) {
nullpo_retv(mes);
//Scrapped, as these are shared by disconnected players =X [Skotlex]
- if (fd == 0)
+ if (fd == 0 && !map->cpsd_active)
;
else {
// Limit message to 255+1 characters (otherwise it causes a buffer overflow in the client)
diff --git a/src/map/duel.c b/src/map/duel.c
index 98fa91d3e..964ef9e11 100644
--- a/src/map/duel.c
+++ b/src/map/duel.c
@@ -89,7 +89,7 @@ int duel_create(struct map_session_data* sd, const unsigned int maxpl) {
duel->list[i].invites_count = 0;
duel->list[i].max_players_limit = maxpl;
- strcpy(output, msg_txt(372)); // " -- Duel has been created (@invite/@leave) --"
+ safestrncpy(output, msg_txt(372), sizeof(output)); // " -- Duel has been created (@invite/@leave) --"
clif_disp_onlyself(sd, output, strlen(output));
clif->map_property(sd, MAPPROPERTY_FREEPVPZONE);
diff --git a/src/map/elemental.c b/src/map/elemental.c
index 50d6c34b3..a21c128b0 100644
--- a/src/map/elemental.c
+++ b/src/map/elemental.c
@@ -631,6 +631,7 @@ int elemental_ai_sub_timer_activesearch(struct block_list *bl, va_list ap) {
case BL_PC:
if( !map_flag_vs(ed->bl.m) )
return 0;
+ /* Fall through */
default:
dist = distance_bl(&ed->bl, bl);
if( ((*target) == NULL || !check_distance_bl(&ed->bl, *target, dist)) && battle->check_range(&ed->bl,bl,ed->db->range2) ) { //Pick closest target?
diff --git a/src/map/intif.c b/src/map/intif.c
index 73fb648ae..aac04df33 100644
--- a/src/map/intif.c
+++ b/src/map/intif.c
@@ -1248,9 +1248,6 @@ void intif_parse_GuildBasicInfoChanged(int fd) {
int idx, max;
struct guild_skill *gs = (struct guild_skill *)RFIFOP(fd,10);
- if( gs == NULL )
- return;
-
idx = gs->id - GD_SKILLBASE;
max = guild->skill_get_max(gs->id);
if( gs->lv > max )
diff --git a/src/map/map.c b/src/map/map.c
index 7eafde9dc..640dd0ce1 100644
--- a/src/map/map.c
+++ b/src/map/map.c
@@ -3353,10 +3353,10 @@ int map_waterheight(char* mapname)
char *rsw, *found;
//Look up for the rsw
- sprintf(fn, "data\\%s.rsw", mapname);
+ snprintf(fn, sizeof(fn), "data\\%s.rsw", mapname);
- found = grfio_find_file(fn);
- if (found) strcpy(fn, found); // replace with real name
+ if ( (found = grfio_find_file(fn)) )
+ safestrncpy(fn, found, sizeof(fn)); // replace with real name
// read & convert fn
rsw = (char *) grfio_read (fn);
diff --git a/src/map/npc.c b/src/map/npc.c
index 38ba9ae41..c00094f8c 100644
--- a/src/map/npc.c
+++ b/src/map/npc.c
@@ -3876,7 +3876,7 @@ const char* npc_parse_mapflag(char* w1, char* w2, char* w3, char* w4, const char
map->list[m].flag.nomvploot=state;
else if (!strcmpi(w3,"nocommand")) {
if (state) {
- if (sscanf(w4, "%d", &state) == 1)
+ if (w4 && sscanf(w4, "%d", &state) == 1)
map->list[m].nocommand =state;
else //No level specified, block everyone.
map->list[m].nocommand =100;
@@ -4113,7 +4113,6 @@ int npc_parsesrcfile(const char* filepath, bool runOnInit) {
// More info at http://unicode.org/faq/utf_bom.html#bom5 and http://en.wikipedia.org/wiki/Byte_order_mark#UTF-8
ShowError("npc_parsesrcfile: Detected unsupported UTF-8 BOM in file '%s'. Stopping (please consider using another character set.)\n", filepath);
aFree(buffer);
- fclose(fp);
return EXIT_FAILURE;
}
diff --git a/src/map/pc.c b/src/map/pc.c
index 6e9cc1e7a..09194fbab 100644
--- a/src/map/pc.c
+++ b/src/map/pc.c
@@ -4265,6 +4265,7 @@ int pc_isUseitem(struct map_session_data *sd,int n)
case ITEMID_ANODYNE:
if( map_flag_gvg2(sd->bl.m) )
return 0;
+ /* Fall through */
case ITEMID_ALOEBERA:
if( pc_issit(sd) )
return 0;
@@ -4275,6 +4276,7 @@ int pc_isUseitem(struct map_session_data *sd,int n)
clif->skill_mapinfomessage(sd,0);
return 0;
}
+ /* Fall through */
case ITEMID_WING_OF_BUTTERFLY:
case ITEMID_DUN_TELE_SCROLL1:
case ITEMID_DUN_TELE_SCROLL2:
@@ -9046,22 +9048,20 @@ int pc_equipitem(struct map_session_data *sd,int n,int req_pos)
status_calc_pc(sd,SCO_NONE);
if (flag) //Update skill data
clif->skillinfoblock(sd);
-
+
//OnEquip script [Skotlex]
- if (id) {
- if (id->equip_script)
- script->run(id->equip_script,0,sd->bl.id,npc->fake_nd->bl.id);
- if(itemdb_isspecial(sd->status.inventory[n].card[0]))
- ; //No cards
- else {
- for( i = 0; i < id->slot; i++ ) {
- struct item_data *data;
- if (!sd->status.inventory[n].card[i])
- continue;
- if ( ( data = itemdb->exists(sd->status.inventory[n].card[i]) ) != NULL ) {
- if( data->equip_script )
- script->run(data->equip_script,0,sd->bl.id,npc->fake_nd->bl.id);
- }
+ if (id->equip_script)
+ script->run(id->equip_script,0,sd->bl.id,npc->fake_nd->bl.id);
+ if(itemdb_isspecial(sd->status.inventory[n].card[0]))
+ ; //No cards
+ else {
+ for( i = 0; i < id->slot; i++ ) {
+ struct item_data *data;
+ if (!sd->status.inventory[n].card[i])
+ continue;
+ if ( ( data = itemdb->exists(sd->status.inventory[n].card[i]) ) != NULL ) {
+ if( data->equip_script )
+ script->run(data->equip_script,0,sd->bl.id,npc->fake_nd->bl.id);
}
}
}
@@ -9709,7 +9709,7 @@ int map_day_timer(int tid, int64 tick, int id, intptr_t data) {
map->night_flag = 0; // 0=day, 1=night [Yor]
map->foreachpc(pc->daynight_timer_sub);
- strcpy(tmp_soutput, (data == 0) ? msg_txt(502) : msg_txt(60)); // The day has arrived!
+ safestrncpy(tmp_soutput, (data == 0) ? msg_txt(502) : msg_txt(60), sizeof(tmp_soutput)); // The day has arrived!
intif->broadcast(tmp_soutput, strlen(tmp_soutput) + 1, BC_DEFAULT);
return 0;
}
@@ -9729,7 +9729,7 @@ int map_night_timer(int tid, int64 tick, int id, intptr_t data) {
map->night_flag = 1; // 0=day, 1=night [Yor]
map->foreachpc(pc->daynight_timer_sub);
- strcpy(tmp_soutput, (data == 0) ? msg_txt(503) : msg_txt(59)); // The night has fallen...
+ safestrncpy(tmp_soutput, (data == 0) ? msg_txt(503) : msg_txt(59), sizeof(tmp_soutput)); // The night has fallen...
intif->broadcast(tmp_soutput, strlen(tmp_soutput) + 1, BC_DEFAULT);
return 0;
}
diff --git a/src/map/pet.c b/src/map/pet.c
index 71dd39401..3d155b179 100644
--- a/src/map/pet.c
+++ b/src/map/pet.c
@@ -1177,7 +1177,7 @@ int read_petdb()
if( pet->db[j].equip_script )
{
script->free_code(pet->db[j].equip_script);
- pet->db[j].pet_script = NULL;
+ pet->db[j].equip_script = NULL;
}
}
diff --git a/src/map/script.c b/src/map/script.c
index 549d3c269..828e02ab1 100644
--- a/src/map/script.c
+++ b/src/map/script.c
@@ -5372,6 +5372,7 @@ BUILDIN(warpparty)
//"SavePoint" uses save point of the currently attached player
if (( sd = script->rid2sd(st) ) == NULL )
return true;
+ /* Fall through */
default:
map_index = 0;
break;
@@ -6774,7 +6775,7 @@ BUILDIN(grouprandomitem) {
*------------------------------------------*/
BUILDIN(makeitem)
{
- int nameid,amount,flag = 0;
+ int nameid,amount;
int x,y,m;
const char *mapname;
struct item item_tmp;
@@ -6813,12 +6814,9 @@ BUILDIN(makeitem)
memset(&item_tmp,0,sizeof(item_tmp));
- item_tmp.nameid=nameid;
- if(!flag)
- item_tmp.identify=1;
- else
- item_tmp.identify=itemdb->isidentified2(item_data);
-
+ item_tmp.nameid = nameid;
+ item_tmp.identify=1;
+
map->addflooritem(&item_tmp,amount,m,x,y,0,0,0,0);
return true;
@@ -8719,7 +8717,7 @@ BUILDIN(setmount)
option = ( flag == SETMOUNT_TYPE_DRAGON_GREEN ? OPTION_DRAGON1 :
flag == SETMOUNT_TYPE_DRAGON_BROWN ? OPTION_DRAGON2 :
flag == SETMOUNT_TYPE_DRAGON_GRAY ? OPTION_DRAGON3 :
- flag == SETMOUNT_TYPE_DRAGON_RED ? OPTION_DRAGON4 :
+ flag == SETMOUNT_TYPE_DRAGON_BLUE ? OPTION_DRAGON4 :
flag == SETMOUNT_TYPE_DRAGON_RED ? OPTION_DRAGON5 :
OPTION_DRAGON1); // default value
pc->setridingdragon(sd, option);
@@ -14600,7 +14598,7 @@ BUILDIN(sscanf) {
buf_p = reference_getname(data);
if(not_server_variable(*buf_p) && (sd = script->rid2sd(st))==NULL) {
script_pushint(st, -1);
- if(buf) aFree(buf);
+ aFree(buf);
if(ref_str) aFree(ref_str);
return true;
}
diff --git a/src/map/skill.c b/src/map/skill.c
index 6328959d7..6b0c99522 100644
--- a/src/map/skill.c
+++ b/src/map/skill.c
@@ -583,12 +583,13 @@ int skillnotok_hom(uint16 skill_id, struct homun_data *hd)
}
break;
case MH_GOLDENE_FERSE: //can be used with angriff
- if(hd->sc.data[SC_ANGRIFFS_MODUS])
- return 1;
+ if(hd->sc.data[SC_ANGRIFFS_MODUS])
+ return 1;
+ /* Fall through */
case MH_ANGRIFFS_MODUS:
- if(hd->sc.data[SC_GOLDENE_FERSE])
- return 1;
- break;
+ if(hd->sc.data[SC_GOLDENE_FERSE])
+ return 1;
+ break;
}
//Use master's criteria.
@@ -806,6 +807,7 @@ int skill_additional_effect(struct block_list* src, struct block_list *bl, uint1
case AS_VENOMKNIFE:
if (sd) //Poison chance must be that of Envenom. [Skotlex]
skill_lv = pc->checkskill(sd, TF_POISON);
+ /* Fall through */
case TF_POISON:
case AS_SPLASHER:
if (!sc_start2(src,bl,SC_POISON,(4*skill_lv+10),skill_lv,src->id,skill->get_time2(skill_id,skill_lv))
@@ -1408,7 +1410,7 @@ int skill_additional_effect(struct block_list* src, struct block_list *bl, uint1
if (sd->def_set_race[tstatus->race].rate)
status->change_start(src,bl, SC_DEFSET, sd->def_set_race[tstatus->race].rate, sd->def_set_race[tstatus->race].value,
0, 0, 0, sd->def_set_race[tstatus->race].tick, SCFLAG_FIXEDTICK);
- if (sd->def_set_race[tstatus->race].rate)
+ if (sd->mdef_set_race[tstatus->race].rate)
status->change_start(src,bl, SC_MDEFSET, sd->mdef_set_race[tstatus->race].rate, sd->mdef_set_race[tstatus->race].value,
0, 0, 0, sd->mdef_set_race[tstatus->race].tick, SCFLAG_FIXEDTICK);
}
@@ -2461,6 +2463,7 @@ int skill_attack(int attack_type, struct block_list* src, struct block_list *dsr
break;
case LG_OVERBRAND_BRANDISH:
case LG_OVERBRAND:
+ /* Fall through */
dmg.amotion = status_get_amotion(src) * 2;
case LG_OVERBRAND_PLUSATK:
dmg.dmotion = clif->skill_damage(dsrc,bl,tick,status_get_amotion(src),dmg.dmotion,damage,dmg.div_,skill_id,-1,5);
@@ -3666,6 +3669,7 @@ int skill_castend_damage_id(struct block_list* src, struct block_list *bl, uint1
case NC_PILEBUNKER:
case NC_COLDSLOWER:
if (sd) pc->overheat(sd,1);
+ /* Fall through */
case RK_WINDCUTTER:
skill->attack(BF_WEAPON,src,src,bl,skill_id,skill_lv,tick,flag|SD_ANIMATION);
break;
@@ -3727,6 +3731,7 @@ int skill_castend_damage_id(struct block_list* src, struct block_list *bl, uint1
case NC_FLAMELAUNCHER:
if (sd) pc->overheat(sd,1);
+ /* Fall through */
case SN_SHARPSHOOTING:
case MA_SHARPSHOOTING:
case NJ_KAMAITACHI:
@@ -4188,6 +4193,7 @@ int skill_castend_damage_id(struct block_list* src, struct block_list *bl, uint1
case NPC_DARKBREATH:
clif->emotion(src,E_AG);
+ /* Fall through */
case SN_FALCONASSAULT:
case PA_PRESSURE:
case CR_ACIDDEMONSTRATION:
@@ -4877,6 +4883,7 @@ int skill_castend_id(int tid, int64 tick, int id, intptr_t data) {
//These should become skill_castend_pos
case WE_CALLPARTNER:
if(sd) clif->callpartner(sd);
+ /* Fall through */
case WE_CALLPARENT:
case WE_CALLBABY:
case AM_RESURRECTHOMUN:
@@ -6233,6 +6240,7 @@ int skill_castend_nodamage_id(struct block_list *src, struct block_list *bl, uin
case SR_WINDMILL:
case GN_CART_TORNADO:
clif->skill_nodamage(src,bl,skill_id,skill_lv,1);
+ /* Fall through */
case SR_EARTHSHAKER:
case NC_INFRAREDSCAN:
case NPC_EARTHQUAKE:
@@ -10419,7 +10427,7 @@ int skill_castend_pos2(struct block_list* src, int x, int y, uint16 skill_id, ui
flag|=1;
break;
case HP_BASILICA:
- if( sc->data[SC_BASILICA] )
+ if( sc && sc->data[SC_BASILICA] )
status_change_end(src, SC_BASILICA, INVALID_TIMER); // Cancel Basilica
else { // Create Basilica. Start SC on caster. Unit timer start SC on others.
if( map->foreachinrange(skill_count_wos, src, 2, BL_MOB|BL_PC, src) ) {
@@ -10448,6 +10456,7 @@ int skill_castend_pos2(struct block_list* src, int x, int y, uint16 skill_id, ui
case SO_WARMER:
flag|= 8;
+ /* Fall through */
case SO_CLOUD_KILL:
skill->unitsetting(src,skill_id,skill_lv,x,y,0);
break;
@@ -10669,6 +10678,7 @@ int skill_castend_pos2(struct block_list* src, int x, int y, uint16 skill_id, ui
case RK_WINDCUTTER:
clif->skill_damage(src, src, tick, status_get_amotion(src), 0, -30000, 1, skill_id, skill_lv, 6);
+ /* Fall through */
case NC_COLDSLOWER:
case RK_DRAGONBREATH:
case RK_DRAGONBREATH_WATER:
@@ -12624,6 +12634,7 @@ int skill_unit_onleft(uint16 skill_id, struct block_list *bl, int64 tick) {
//your own. Let's pray that scenario is pretty unlikely and none will complain too much about it.
status_change_end(bl, SC_DANCING, INVALID_TIMER);
}
+ /* Fall through */
case MH_STEINWAND:
case MG_SAFETYWALL:
case AL_PNEUMA:
@@ -14125,6 +14136,7 @@ int skill_check_condition_castend(struct map_session_data* sd, uint16 skill_id,
case ITEMID_REPAIR_KIT:
case ITEMID_MONKEY_SPANNER:
cause = USESKILL_FAIL_NEED_EQUIPMENT;
+ /* Fall through */
default:
clif->skill_fail(sd, skill_id, cause, max(1,require.amount[i])|(require.itemid[i] << 16));
return 0;
@@ -14269,12 +14281,11 @@ struct skill_condition skill_get_requirement(struct map_session_data* sd, uint16
case KO_YAMIKUMO:
if( sc && sc->data[status->skill2sc(skill_id)] )
return req;
+ /* Fall through */
default:
- {
if (skill->get_requirement_off_unknown(sc, &skill_id))
return req;
break;
- }
}
idx = skill->get_index(skill_id);
@@ -17393,6 +17404,7 @@ int skill_produce_mix(struct map_session_data *sd, uint16 skill_id, int nameid,
switch (skill_id) {
case ASC_CDP: //25% Damage yourself, and display same effect as failed potion.
status_percent_damage(NULL, &sd->bl, -25, 0, true);
+ /* Fall through */
case AM_PHARMACY:
case AM_TWILIGHT1:
case AM_TWILIGHT2:
diff --git a/src/map/status.c b/src/map/status.c
index 667d52dc2..e61c1df19 100644
--- a/src/map/status.c
+++ b/src/map/status.c
@@ -1541,12 +1541,12 @@ int status_fixed_revive(struct block_list *bl, unsigned int per_hp, unsigned int
if(hp > st->max_hp - st->hp)
hp = st->max_hp - st->hp;
- else if (per_hp && !hp)
+ else if (!hp)
hp = 1;
if(sp > st->max_sp - st->sp)
sp = st->max_sp - st->sp;
- else if (per_sp && !sp)
+ else if (!sp)
sp = 1;
st->hp += hp;
@@ -6576,6 +6576,7 @@ int status_get_sc_def(struct block_list *src, struct block_list *bl, enum sc_typ
break;
case SC_OBLIVIONCURSE: // 100% - (100 - 0.8 x INT)
sc_def = st->int_*80;
+ /* Fall through */
case SC_TOXIN:
case SC_PARALYSE:
case SC_VENOMBLEED:
@@ -8722,13 +8723,14 @@ int status_change_start(struct block_list *src, struct block_list *bl, enum sc_t
val3 = 5 * val1 + val2;//Movement Speed And ASPD Increase
break;
case SC_SYMPHONY_LOVE:
- val2 = 12 * val1 + val2 + sd->status.job_level / 4;//MDEF Increase In %
+ val2 = 12 * val1 + val2 + (sd ? sd->status.job_level : 70) / 4;//MDEF Increase In %
+ break;
case SC_MOONLIT_SERENADE:
case SC_RUSH_WINDMILL:
- val2 = 6 * val1 + val2 + sd->status.job_level / 5;
+ val2 = 6 * val1 + val2 + (sd ? sd->status.job_level : 70) / 5;
break;
case SC_ECHOSONG:
- val3 = 6 * val1 + val2 + sd->status.job_level / 4;//DEF Increase In %
+ val3 = 6 * val1 + val2 + (sd ? sd->status.job_level : 70) / 4;//DEF Increase In %
break;
case SC_HARMONIZE:
val2 = 5 + 5 * val1;
@@ -10306,6 +10308,7 @@ int status_change_end_(struct block_list* bl, enum sc_type type, int tid, const
case SC_CLOAKING:
case SC_CLOAKINGEXCEED:
sc->option &= ~OPTION_CLOAK;
+ /* Fall through */
case SC_CAMOUFLAGE:
opt_flag|= 2;
break;
@@ -11395,6 +11398,7 @@ int status_change_timer_sub(struct block_list* bl, va_list ap) {
if( tsc && tsc->data[SC__SHADOWFORM] && (sce && sce->val4 >0 && sce->val4%2000 == 0) && // for every 2 seconds do the checking
rnd()%100 < 100-tsc->data[SC__SHADOWFORM]->val1*10 ) // [100 - (Skill Level x 10)] %
status_change_end(bl, SC__SHADOWFORM, INVALID_TIMER);
+ /* Fall through */
case SC_CONCENTRATION:
status_change_end(bl, SC_HIDING, INVALID_TIMER);
status_change_end(bl, SC_CLOAKING, INVALID_TIMER);
diff --git a/src/map/trade.c b/src/map/trade.c
index 4d6909957..46acb4e16 100644
--- a/src/map/trade.c
+++ b/src/map/trade.c
@@ -202,16 +202,16 @@ int impossible_trade_check(struct map_session_data *sd)
index = sd->deal.item[i].index;
if (inventory[index].amount < sd->deal.item[i].amount) {
// if more than the player have -> hack
- sprintf(message_to_gm, msg_txt(538), sd->status.name, sd->status.account_id); // Hack on trade: character '%s' (account: %d) try to trade more items that he has.
+ snprintf(message_to_gm, sizeof(message_to_gm), msg_txt(538), sd->status.name, sd->status.account_id); // Hack on trade: character '%s' (account: %d) try to trade more items that he has.
intif->wis_message_to_gm(map->wisp_server_name, PC_PERM_RECEIVE_HACK_INFO, message_to_gm);
- sprintf(message_to_gm, msg_txt(539), inventory[index].amount, inventory[index].nameid, sd->deal.item[i].amount); // This player has %d of a kind of item (id: %d), and try to trade %d of them.
+ snprintf(message_to_gm, sizeof(message_to_gm), msg_txt(539), inventory[index].amount, inventory[index].nameid, sd->deal.item[i].amount); // This player has %d of a kind of item (id: %d), and try to trade %d of them.
intif->wis_message_to_gm(map->wisp_server_name, PC_PERM_RECEIVE_HACK_INFO, message_to_gm);
// if we block people
if (battle_config.ban_hack_trade < 0) {
chrif->char_ask_name(-1, sd->status.name, 1, 0, 0, 0, 0, 0, 0); // type: 1 - block
set_eof(sd->fd); // forced to disconnect because of the hack
// message about the ban
- strcpy(message_to_gm, msg_txt(540)); // This player has been definitively blocked.
+ safestrncpy(message_to_gm, msg_txt(540), sizeof(message_to_gm)); // This player has been definitively blocked.
// if we ban people
} else if (battle_config.ban_hack_trade > 0) {
chrif->char_ask_name(-1, sd->status.name, 2, 0, 0, 0, 0, battle_config.ban_hack_trade, 0); // type: 2 - ban (year, month, day, hour, minute, second)
@@ -220,7 +220,7 @@ int impossible_trade_check(struct map_session_data *sd)
sprintf(message_to_gm, msg_txt(507), battle_config.ban_hack_trade); // This player has been banned for %d minute(s).
} else
// message about the ban
- strcpy(message_to_gm, msg_txt(508)); // This player hasn't been banned (Ban option is disabled).
+ safestrncpy(message_to_gm, msg_txt(508), sizeof(message_to_gm)); // This player hasn't been banned (Ban option is disabled).
intif->wis_message_to_gm(map->wisp_server_name, PC_PERM_RECEIVE_HACK_INFO, message_to_gm);
return 1;
diff --git a/src/tool/mapcache.c b/src/tool/mapcache.c
index cfd05b0aa..2cc70ebf3 100644
--- a/src/tool/mapcache.c
+++ b/src/tool/mapcache.c
@@ -192,13 +192,13 @@ void process_args(int argc, char *argv[])
for(i = 0; i < argc; i++) {
if(strcmp(argv[i], "-grf") == 0) {
if(++i < argc)
- strcpy(grf_list_file, argv[i]);
+ safestrncpy(grf_list_file, argv[i], sizeof(grf_list_file));
} else if(strcmp(argv[i], "-list") == 0) {
if(++i < argc)
- strcpy(map_list_file, argv[i]);
+ safestrncpy(map_list_file, argv[i], sizeof(map_list_file));
} else if(strcmp(argv[i], "-cache") == 0) {
if(++i < argc)
- strcpy(map_cache_file, argv[i]);
+ safestrncpy(map_cache_file, argv[i], sizeof(map_cache_file));
} else if(strcmp(argv[i], "-rebuild") == 0)
rebuild = 1;
}