From a3c4d675ba19df385be5d1e3966c61de7186da57 Mon Sep 17 00:00:00 2001 From: shennetsind Date: Sat, 17 Jan 2015 20:18:49 -0200 Subject: 27 Fixes Addressing out of bounds read/write, pointless null checks on already deferenced variables. Special Thanks to 4144 and Haruna! Signed-off-by: shennetsind --- src/map/pc.c | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) (limited to 'src/map/pc.c') diff --git a/src/map/pc.c b/src/map/pc.c index 10b464570..6e9cc1e7a 100644 --- a/src/map/pc.c +++ b/src/map/pc.c @@ -886,11 +886,12 @@ int pc_isequip(struct map_session_data *sd,int n) item = sd->inventory_data[n]; - if(pc_has_permission(sd, PC_PERM_USE_ALL_EQUIPMENT)) - return 1; - if(item == NULL) return 0; + + if(pc_has_permission(sd, PC_PERM_USE_ALL_EQUIPMENT)) + return 1; + if(item->elv && sd->status.base_level < (unsigned int)item->elv){ clif->msg(sd, 0x6ED); return 0; @@ -9026,20 +9027,18 @@ int pc_equipitem(struct map_session_data *sd,int n,int req_pos) iflag = sd->npc_item_flag; /* check for combos (MUST be before status_calc_pc) */ - if ( id ) { - if( id->combos_count ) - pc->checkcombo(sd,id); - if(itemdb_isspecial(sd->status.inventory[n].card[0])) - ; //No cards - else { - for( i = 0; i < id->slot; i++ ) { - struct item_data *data; - if (!sd->status.inventory[n].card[i]) - continue; - if ( ( data = itemdb->exists(sd->status.inventory[n].card[i]) ) != NULL ) { - if( data->combos_count ) - pc->checkcombo(sd,data); - } + if( id->combos_count ) + pc->checkcombo(sd,id); + if(itemdb_isspecial(sd->status.inventory[n].card[0])) + ; //No cards + else { + for( i = 0; i < id->slot; i++ ) { + struct item_data *data; + if (!sd->status.inventory[n].card[i]) + continue; + if ( ( data = itemdb->exists(sd->status.inventory[n].card[i]) ) != NULL ) { + if( data->combos_count ) + pc->checkcombo(sd,data); } } } -- cgit v1.2.3-60-g2f50