From c6ca79ad9e7a897e3598bede517b5b1e829aea7c Mon Sep 17 00:00:00 2001 From: FlavioJS Date: Sat, 12 Jan 2008 17:12:23 +0000 Subject: * Possible fix to ers/status_change crashing. [FlavioJS] - this patch is untested. Didn't find anyone willing to test it and I can't reproduce the crash so can't test the patch. symptom: status_change_entry.timer is being modified after the entry is freed. ers uses that memory location as a pointer when the entry is freed, it crashes when accessing the contents when it points to an invalid location. assumption: status_change_start starts an already existing status. as a consequence of something called inside status_change_start the status is ended. when the sce is finally being modified, it's modifying a freed entry. git-svn-id: https://rathena.svn.sourceforge.net/svnroot/rathena/trunk@12058 54d463be-8e91-2dee-dedb-b68131a5f0ec --- Changelog-Trunk.txt | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'Changelog-Trunk.txt') diff --git a/Changelog-Trunk.txt b/Changelog-Trunk.txt index 82bb3d58f..77c7050bd 100644 --- a/Changelog-Trunk.txt +++ b/Changelog-Trunk.txt 
@@ -3,6 +3,18 @@ Date Added AS OF SVN REV. 5091, WE ARE NOW USING TRUNK. ALL UNTESTED BUGFIXES/FEATURES GO INTO TRUNK. IF YOU HAVE A WORKING AND TESTED BUGFIX PUT IT INTO STABLE AS WELL AS TRUNK. +2008/01/12 + * Possible fix to ers/status_change crashing. [FlavioJS] + - this patch is untested. Didn't find anyone willing to test it and I can't + reproduce the crash so can't test the patch. + symptom: + status_change_entry.timer is being modified after the entry is freed. + ers uses that memory location as a pointer when the entry is freed, + it crashes when accessing the contents when it points to an invalid location. + assumption: + status_change_start starts an already existing status. + as a consequence of something called inside status_change_start the status is ended. + when the sce is finally being modified, it's modifying a freed entry. 2008/01/11 * Implemented the extra damage bonus to TK_JUMPKICK when it is used while running (however what the bonus's equation is has been lost to time, so -- cgit v1.2.3-60-g2f50
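Review bot: this commit contains only the Changelog-Trunk.txt entry (the diffstat shows "1 file changed, 12 insertions(+)"), so the "possible fix to ers/status_change crashing" the entry describes is not actually in this revision; either land the source change together with its changelog line or cite the revision that carries it, otherwise readers of the changelog will assume r12058 fixed the crash. On the substance of the entry: the stated assumption (status_change_start re-starts an existing status, something called inside it ends the status, and the stale `status_change_entry` pointer is then written through `sce->timer` after ers has freed the entry, which is why ers crashes when it reinterprets that field as its free-list pointer) describes a use-after-free, and the matching defence is to re-fetch the entry after every call inside status_change_start that can end a status rather than reusing the pointer obtained before those calls, and to null out `sce->timer` when the entry is ended so a later write is at least detectable. Since the author notes the patch is untested and the crash is not reproducible, the entry would also benefit from a one-line note of what was changed to address the assumption, so a tester who does hit the crash knows which path to exercise.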