-rw-r--r--Changelog.txt13
-rw-r--r--src/common/mmo.h2
-rw-r--r--src/map/chat.c4
-rw-r--r--src/map/clif.c2
-rw-r--r--src/map/guild.c2
-rw-r--r--src/map/mob.c2
-rw-r--r--src/map/npc.c2
-rw-r--r--src/map/pc.c2
-rw-r--r--src/map/trade.c4
9 files changed, 22 insertions, 11 deletions
diff --git a/Changelog.txt b/Changelog.txt
index aaf7f889e..e088898c8 100644
--- a/Changelog.txt
+++ b/Changelog.txt
@@ -1,6 +1,17 @@
Date Added
12/13
- * Internal MAIL system: moved all strings to msg_athena.conf [Lupus]
+ * Increased max skills to 650 from 450 fixing MANY crashes [MouseJstr]
+ * Creating Guild events were reading beyond supplied guild names ,
+ causing crashes [MouseJstr
+ * trades were derefing -2 into the inventory table sometimes [MouseJstr]
+ * Not having a arrow in your inventory but having a bow
+ could cause it to set sd->status.inventory[-1].equip=32768
+ resulting in a memory corruption [MouseJstr]
+ * local broadcasts of messages larger then 64 bytes were
+ corrupting the stack, causing crashes [MouseJstr]
+ * mob eventnames were reading beyond source point, risking
+ going over page boundries, causing crashes [MouseJstr]
+ * Internal MAIL system: moved all strings to msg_athena.conf [Lupus]
12/12
* Made guild skills to check for skill levels first when casting [celest]
diff --git a/src/common/mmo.h b/src/common/mmo.h
index ffcba6e28..3504b00e4 100644
--- a/src/common/mmo.h
+++ b/src/common/mmo.h
@@ -29,7 +29,7 @@
#define MAX_AMOUNT 30000
#define MAX_ZENY 1000000000 // 1G zeny
#define MAX_CART 100
-#define MAX_SKILL 450
+#define MAX_SKILL 650
#define GLOBAL_REG_NUM 96
#define ACCOUNT_REG_NUM 16
#define ACCOUNT_REG2_NUM 16
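Review bot: Raising `MAX_SKILL` to 650 moves the limit rather than enforcing it. Going by the changelog entry, the crashes presumably came from skill ids indexing arrays sized by `MAX_SKILL`; those call sites are not in this diff, so any id at or above 650 would still index out of range unless the lookups check `id < MAX_SKILL`. A comment on the define, e.g. `// must exceed the highest skill id in use; every lookup must range-check against this`, would record the constraint.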
diff --git a/src/map/chat.c b/src/map/chat.c
index 75788f03b..c7ec13a5f 100644
--- a/src/map/chat.c
+++ b/src/map/chat.c
@@ -275,7 +275,7 @@ int chat_createnpcchat(struct npc_data *nd,int limit,int pub,int trigger,char* t
cd->trigger = trigger;
cd->pub = pub;
cd->users = 0;
- memcpy(cd->pass,"",8);
+ memcpy(cd->pass,"",1);
if(titlelen>=sizeof(cd->title)-1) titlelen=sizeof(cd->title)-1;
memcpy(cd->title,title,titlelen);
cd->title[titlelen]=0;
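Review bot: `memcpy(cd->pass,"",1);` no longer reads past the one-byte literal, but it now clears only the first byte of `cd->pass`, where the old call was evidently meant to blank all 8. If `cd` is not zero-filled when it is allocated (outside this hunk), the remaining bytes keep whatever was there before. `memset(cd->pass, 0, sizeof(cd->pass));` states the intent and does not depend on the allocator.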
@@ -286,7 +286,7 @@ int chat_createnpcchat(struct npc_data *nd,int limit,int pub,int trigger,char* t
cd->bl.type = BL_CHAT;
cd->owner_ = (struct block_list *)nd;
cd->owner = &cd->owner_;
- memcpy(cd->npc_event,ev,sizeof(cd->npc_event));
+ memcpy(cd->npc_event,ev,strlen(ev));
cd->bl.id = map_addobject(&cd->bl);
if(cd->bl.id==0){
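Review bot: `memcpy(cd->npc_event,ev,strlen(ev));` stops the over-read of `ev`, but the source length now decides how much is written, so an event name of `sizeof(cd->npc_event)` bytes or more overruns the destination, and the terminator is never copied. The result is NUL-terminated only if `cd` was zero-filled at allocation, which is outside this hunk. The title copy a few lines earlier already clamps and terminates; do the same here, e.g. `snprintf(cd->npc_event, sizeof(cd->npc_event), "%s", ev);`. The same pattern is introduced for `ev->name` in guild_npc_request_info (src/map/guild.c) and for `md->npc_event` in mob_once_spawn (src/map/mob.c) and needs the same bound. chat_createnpcchat starts and ends outside the hunk.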
diff --git a/src/map/clif.c b/src/map/clif.c
index de64d07b0..0d2370890 100644
--- a/src/map/clif.c
+++ b/src/map/clif.c
@@ -9030,7 +9030,7 @@ void clif_parse_ResetChar(int fd, struct map_session_data *sd) {
*------------------------------------------
*/
void clif_parse_LGMmessage(int fd, struct map_session_data *sd) {
- unsigned char buf[64];
+ unsigned char buf[512];
nullpo_retv(sd);
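Review bot: Enlarging `buf` from 64 to 512 bytes in clif_parse_LGMmessage only raises the size at which the stack is overwritten; it does not add the missing length check. The copy into `buf` is outside this hunk, so this is inferred from the changelog entry about broadcasts larger than 64 bytes. If the message length is taken from the received packet, it should be validated against `sizeof(buf)` before the copy, and oversized messages dropped or truncated. A comment at the declaration such as `/* message length must be clamped to sizeof(buf) before copying */` would at least record the invariant.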
diff --git a/src/map/guild.c b/src/map/guild.c
index 8d84705fd..2937940c3 100644
--- a/src/map/guild.c
+++ b/src/map/guild.c
@@ -364,7 +364,7 @@ int guild_npc_request_info(int guild_id,const char *event)
return guild_request_info(guild_id);
ev=(struct eventlist *)aCalloc(1,sizeof(struct eventlist));
- memcpy(ev->name,event,sizeof(ev->name));
+ memcpy(ev->name,event,strlen(event));
ev->next=(struct eventlist *)numdb_search(guild_infoevent_db,guild_id);
numdb_insert(guild_infoevent_db,guild_id,ev);
return guild_request_info(guild_id);
diff --git a/src/map/mob.c b/src/map/mob.c
index bf8cbe293..e802e9228 100644
--- a/src/map/mob.c
+++ b/src/map/mob.c
@@ -184,7 +184,7 @@ int mob_once_spawn(struct map_session_data *sd,char *mapname,
md->spawndelay1=-1; // 一度のみフラグ
md->spawndelay2=-1; // 一度のみフラグ
- memcpy(md->npc_event,event,sizeof(md->npc_event));
+ memcpy(md->npc_event,event,strlen(event));
md->bl.type=BL_MOB;
map_addiddb(&md->bl);
diff --git a/src/map/npc.c b/src/map/npc.c
index b1f9c54ec..e71fb050b 100644
--- a/src/map/npc.c
+++ b/src/map/npc.c
@@ -2013,7 +2013,7 @@ static int npc_parse_mapflag(char *w1,char *w2,char *w3,char *w4)
//マップフラグ
if ( strcmpi(w3,"nosave")==0) {
if (strcmp(w4,"SavePoint")==0) {
- memcpy(map[m].save.map,"SavePoint",16);
+ memcpy(map[m].save.map,"SavePoint",10);
map[m].save.x=-1;
map[m].save.y=-1;
}else if (sscanf(w4,"%[^,],%d,%d",savemap,&savex,&savey)==3) {
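Review bot: The hand-counted `10` in `memcpy(map[m].save.map,"SavePoint",10);` is correct today but breaks silently if the literal is ever edited; `memcpy(map[m].save.map, "SavePoint", sizeof("SavePoint"));` keeps the length tied to the string. Separately, the `sscanf(w4,"%[^,],%d,%d",...)` on the following context line reads into `savemap` with no field width. Its declaration is outside the hunk, but a width one less than the buffer size would be needed to bound an over-long map name coming from a script file. npc_parse_mapflag continues outside the hunk.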
diff --git a/src/map/pc.c b/src/map/pc.c
index 537aa91b8..6b4e4d7a6 100644
--- a/src/map/pc.c
+++ b/src/map/pc.c
@@ -6762,7 +6762,7 @@ int pc_equipitem(struct map_session_data *sd,int n,int pos)
clif_changelook(&sd->bl,LOOK_SHOES,0);
pc_checkallowskill(sd); // ?備品でスキルか解除されるかチェック
- if (itemdb_look(sd->status.inventory[n].nameid) == 11 && arrow){ // Added by RoVeRT
+ if (itemdb_look(sd->status.inventory[n].nameid) == 11 && (arrow >= 0)){ // Added by RoVeRT
clif_arrowequip(sd,arrow);
sd->status.inventory[arrow].equip=32768;
}
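Review bot: `(arrow >= 0)` removes the write to `inventory[-1]`, but the condition now rests on an undocumented contract that `arrow` is either negative or a valid slot; where it is assigned is outside this hunk. A short comment such as `/* arrow: inventory index of the arrow, negative when none is carried */`, together with an upper bound against the inventory array size, would keep the index safe regardless of how the lookup behaves. The literals `11` and `32768` would also read better as named constants.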
diff --git a/src/map/trade.c b/src/map/trade.c
index 9d2128690..ddb45a73b 100644
--- a/src/map/trade.c
+++ b/src/map/trade.c
@@ -142,8 +142,8 @@ void trade_tradeok(struct map_session_data *sd)
nullpo_retv(sd);
for(trade_i=0;trade_i<10;trade_i++) {
- if(sd->deal_item_amount[trade_i]>sd->status.inventory[sd->deal_item_index[trade_i]-2].amount ||
- sd->deal_item_amount[trade_i]<0) {
+ int idx = sd->deal_item_index[trade_i]-2;
+ if(((idx >= 0) && (sd->deal_item_amount[trade_i]>sd->status.inventory[idx].amount)) || sd->deal_item_amount[trade_i]<0) {
trade_tradecancel(sd);
return;
}
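Review bot: The new guard skips the amount comparison when `idx` is negative but never checks the upper bound, so a `deal_item_index` entry beyond the inventory size still indexes past `sd->status.inventory`. It also lets a slot with a negative `idx` and a positive amount pass as valid; whether that is intended (for example an empty slot) depends on code outside this hunk. If these fields can be influenced by the client, reject out-of-range indexes too, by adding `idx >= (int)(sizeof(sd->status.inventory)/sizeof(sd->status.inventory[0])) ||` as the first term of the condition. The `for` loop body continues outside the hunk.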