Added some missing variable initializations

- The issue was caused by memcmp failing because of garbage in structs
  padding.
- Fixes bugreport:8410, special thanks (and credits for the fix) to Garr
  http://hercules.ws/board/tracker/issue-8410-autotradeat-issue/
- Also reduced scope of some variables, where appropriate.
- Thanks to Ind.

Signed-off-by: Haru <haru@dotalux.com>

10 files changed, 40 insertions, 32 deletions

diff --git a/src/char/char.c b/src/char/char.c
index 6549ead3c..824c782bc 100644
--- a/src/char/char.c
+++ b/src/char/char.c
@@ -750,6 +750,7 @@ int memitemdata_to_sql(const struct item items[], int max, int id, int tableswit
 		return 1;
 	}
 
+	memset(&item, 0, sizeof(item));
 	SQL->StmtBindColumn(stmt, 0, SQLDT_INT,       &item.id,          0, NULL, NULL);
 	SQL->StmtBindColumn(stmt, 1, SQLDT_SHORT,     &item.nameid,      0, NULL, NULL);
 	SQL->StmtBindColumn(stmt, 2, SQLDT_SHORT,     &item.amount,      0, NULL, NULL);
@@ -893,6 +894,7 @@ int inventory_to_sql(const struct item items[], int max, int id) {
 		return 1;
 	}
 
+	memset(&item, 0, sizeof(item));
 	SQL->StmtBindColumn(stmt, 0, SQLDT_INT,       &item.id,          0, NULL, NULL);
 	SQL->StmtBindColumn(stmt, 1, SQLDT_SHORT,     &item.nameid,      0, NULL, NULL);
 	SQL->StmtBindColumn(stmt, 2, SQLDT_SHORT,     &item.amount,      0, NULL, NULL);
@@ -1229,6 +1231,7 @@ int mmo_char_fromsql(int char_id, struct mmo_charstatus* p, bool load_everything
 
 	//read memo data
 	//`memo` (`memo_id`,`char_id`,`map`,`x`,`y`)
+	memset(&tmp_point, 0, sizeof(tmp_point));
 	if( SQL_ERROR == SQL->StmtPrepare(stmt, "SELECT `map`,`x`,`y` FROM `%s` WHERE `char_id`=? ORDER by `memo_id` LIMIT %d", memo_db, MAX_MEMOPOINTS)
 	||	SQL_ERROR == SQL->StmtBindParam(stmt, 0, SQLDT_INT, &char_id, 0)
 	||	SQL_ERROR == SQL->StmtExecute(stmt)
@@ -1251,6 +1254,7 @@ int mmo_char_fromsql(int char_id, struct mmo_charstatus* p, bool load_everything
 		StrBuf->Printf(&buf, ", `card%d`", i);
 	StrBuf->Printf(&buf, " FROM `%s` WHERE `char_id`=? LIMIT %d", inventory_db, MAX_INVENTORY);
 
+	memset(&tmp_item, 0, sizeof(tmp_item));
 	if( SQL_ERROR == SQL->StmtPrepareStr(stmt, StrBuf->Value(&buf))
 	||	SQL_ERROR == SQL->StmtBindParam(stmt, 0, SQLDT_INT, &char_id, 0)
 	||	SQL_ERROR == SQL->StmtExecute(stmt)
@@ -1312,6 +1316,7 @@ int mmo_char_fromsql(int char_id, struct mmo_charstatus* p, bool load_everything
 
 	//read skill
 	//`skill` (`char_id`, `id`, `lv`)
+	memset(&tmp_skill, 0, sizeof(tmp_skill));
 	if( SQL_ERROR == SQL->StmtPrepare(stmt, "SELECT `id`, `lv`,`flag` FROM `%s` WHERE `char_id`=? LIMIT %d", skill_db, MAX_SKILL)
 	||	SQL_ERROR == SQL->StmtBindParam(stmt, 0, SQLDT_INT, &char_id, 0)
 	||	SQL_ERROR == SQL->StmtExecute(stmt)
@@ -1333,6 +1338,7 @@ int mmo_char_fromsql(int char_id, struct mmo_charstatus* p, bool load_everything
 
 	//read friends
 	//`friends` (`char_id`, `friend_account`, `friend_id`)
+	memset(&tmp_friend, 0, sizeof(tmp_friend));
 	if( SQL_ERROR == SQL->StmtPrepare(stmt, "SELECT c.`account_id`, c.`char_id`, c.`name` FROM `%s` c LEFT JOIN `%s` f ON f.`friend_account` = c.`account_id` AND f.`friend_id` = c.`char_id` WHERE f.`char_id`=? LIMIT %d", char_db, friend_db, MAX_FRIENDS)
 	||	SQL_ERROR == SQL->StmtBindParam(stmt, 0, SQLDT_INT, &char_id, 0)
 	||	SQL_ERROR == SQL->StmtExecute(stmt)
@@ -1348,6 +1354,7 @@ int mmo_char_fromsql(int char_id, struct mmo_charstatus* p, bool load_everything
 #ifdef HOTKEY_SAVING
 	//read hotkeys
 	//`hotkey` (`char_id`, `hotkey`, `type`, `itemskill_id`, `skill_lvl`
+	memset(&tmp_hotkey, 0, sizeof(tmp_hotkey));
 	if( SQL_ERROR == SQL->StmtPrepare(stmt, "SELECT `hotkey`, `type`, `itemskill_id`, `skill_lvl` FROM `%s` WHERE `char_id`=?", hotkey_db)
 	||	SQL_ERROR == SQL->StmtBindParam(stmt, 0, SQLDT_INT, &char_id, 0)
 	||	SQL_ERROR == SQL->StmtExecute(stmt)
@@ -3061,6 +3068,7 @@ int parse_frommap(int fd)
 					int count;
 					char* data;
 
+					memset(&scdata, 0, sizeof(scdata));
 					WFIFOHEAD(fd,14+50*sizeof(struct status_change_data));
 					WFIFOW(fd,0) = 0x2b1d;
 					WFIFOL(fd,4) = aid;
@@ -3232,7 +3240,6 @@ int parse_frommap(int fd)
 			{
 				int map_id, map_fd = -1;
 				struct mmo_charstatus* char_data;
-				struct mmo_charstatus char_dat;
 
 				map_id = search_mapserver(RFIFOW(fd,18), ntohl(RFIFOL(fd,24)), ntohs(RFIFOW(fd,28))); //Locate mapserver by ip and port.
 				if (map_id >= 0)
@@ -3240,6 +3247,7 @@ int parse_frommap(int fd)
 				//Char should just had been saved before this packet, so this should be safe. [Skotlex]
 				char_data = (struct mmo_charstatus*)uidb_get(char_db_,RFIFOL(fd,14));
 				if (char_data == NULL) {	//Really shouldn't happen.
+					struct mmo_charstatus char_dat;
 					mmo_char_fromsql(RFIFOL(fd,14), &char_dat, true);
 					char_data = (struct mmo_charstatus*)uidb_get(char_db_,RFIFOL(fd,14));
 				}
diff --git a/src/char/char.h b/src/char/char.h
index 5a70d2ca7..4d053484b 100644
--- a/src/char/char.h
+++ b/src/char/char.h
@@ -14,8 +14,6 @@ enum E_CHARSERVER_ST {
 	CHARSERVER_ST_LAST
 };
 
-struct mmo_charstatus;
-
 struct char_session_data {
 	bool auth; // whether the session is authed or not
 	int account_id, login_id1, login_id2, sex;
diff --git a/src/char/int_mail.c b/src/char/int_mail.c
index 86a36d59f..47d2cc1c5 100644
--- a/src/char/int_mail.c
+++ b/src/char/int_mail.c
@@ -148,6 +148,7 @@ static bool mail_loadmessage(int mail_id, struct mail_message* msg)
 {
 	int j;
 	StringBuf buf;
+	memset(msg, 0, sizeof(struct mail_message)); // Initialize data
 
 	StrBuf->Init(&buf);
 	StrBuf->AppendStr(&buf, "SELECT `id`,`send_name`,`send_id`,`dest_name`,`dest_id`,`title`,`message`,`time`,`status`,"
@@ -206,6 +207,7 @@ static bool mail_loadmessage(int mail_id, struct mail_message* msg)
 static void mapif_Mail_sendinbox(int fd, int char_id, unsigned char flag)
 {
 	struct mail_data md;
+	memset(&md, 0, sizeof(md));
 	mail_fromsql(char_id, &md);
 
 	//FIXME: dumping the whole structure like this is unsafe [ultramage]
@@ -262,6 +264,7 @@ static bool mail_DeleteAttach(int mail_id)
 static void mapif_Mail_getattach(int fd, int char_id, int mail_id)
 {
 	struct mail_message msg;
+	memset(&msg, 0, sizeof(msg));
 
 	if( !mail_loadmessage(mail_id, &msg) )
 		return;
diff --git a/src/char/int_storage.c b/src/char/int_storage.c
index 882d9b2a5..b9d9f2e2c 100644
--- a/src/char/int_storage.c
+++ b/src/char/int_storage.c
@@ -282,6 +282,7 @@ int mapif_parse_ItemBoundRetrieve_sub(int fd)
 		return 1;
 	}
 
+	memset(&item, 0, sizeof(item));
 	SQL->StmtBindColumn(stmt, 0, SQLDT_INT,       &item.id,          0, NULL, NULL);
 	SQL->StmtBindColumn(stmt, 1, SQLDT_SHORT,     &item.nameid,      0, NULL, NULL);
 	SQL->StmtBindColumn(stmt, 2, SQLDT_SHORT,     &item.amount,      0, NULL, NULL);
diff --git a/src/login/login.c b/src/login/login.c
index 828afb22b..129049627 100644
--- a/src/login/login.c
+++ b/src/login/login.c
@@ -1651,6 +1651,7 @@ int login_config_read(const char* cfgName)
 		else if(!strcmpi(w1, "client_hash")) {
 			int group = 0;
 			char md5[33];
+			memset(md5, '\0', 33);
 
 			if (sscanf(w2, "%d, %32s", &group, md5) == 2) {
 				struct client_hash_node *nnode;
diff --git a/src/map/clif.c b/src/map/clif.c
index 033a5e081..ae885465b 100644
--- a/src/map/clif.c
+++ b/src/map/clif.c
@@ -15117,7 +15117,8 @@ void clif_parse_Mail_send(int fd, struct map_session_data *sd)
 	if (body_len > MAIL_BODY_LENGTH)
 		body_len = MAIL_BODY_LENGTH;
 
-	if( !mail->setattachment(sd, &msg) ) { // Invalid Append condition
+	memset(&msg, 0, sizeof(msg));
+	if (!mail->setattachment(sd, &msg)) { // Invalid Append condition
 		clif->mail_send(sd->fd, true); // fail
 		mail->removeitem(sd,0);
 		mail->removezeny(sd,0);
@@ -15335,9 +15336,10 @@ void clif_parse_Auction_register(int fd, struct map_session_data *sd)
 	struct auction_data auction;
 	struct item_data *item;
 
-	if( !battle_config.feature_auction )
+	if (!battle_config.feature_auction)
 		return;
 
+	memset(&auction, 0, sizeof(auction));
 	auction.price = RFIFOL(fd,2);
 	auction.buynow = RFIFOL(fd,6);
 	auction.hours = RFIFOW(fd,10);
diff --git a/src/map/clif.h b/src/map/clif.h
index bb71db5ae..1013add85 100644
--- a/src/map/clif.h
+++ b/src/map/clif.h
@@ -18,8 +18,6 @@
  **/
 struct item;
 struct item_data;
-struct storage_data;
-struct guild_storage;
 struct unit_data;
 struct map_session_data;
 struct homun_data;
diff --git a/src/map/npc.c b/src/map/npc.c
index 7dc0bda60..46b33bacb 100644
--- a/src/map/npc.c
+++ b/src/map/npc.c
@@ -1818,11 +1818,11 @@ int npc_buylist(struct map_session_data* sd, int n, unsigned short* item_list) {
 	for( i = 0; i < n; ++i ) {
 		int nameid = item_list[i*2+1];
 		int amount = item_list[i*2+0];
-		struct item item_tmp;
 		
-		if (itemdb_type(nameid) == IT_PETEGG)
+		if (itemdb_type(nameid) == IT_PETEGG) {
 			pet->create_egg(sd, nameid);
-		else {
+		} else {
+			struct item item_tmp;
 			memset(&item_tmp,0,sizeof(item_tmp));
 			item_tmp.nameid = nameid;
 			item_tmp.identify = 1;
@@ -1933,7 +1933,6 @@ int npc_market_buylist(struct map_session_data* sd, unsigned short list_size, st
 	for( i = 0; i < list_size; ++i ) {
 		int nameid = p->list[i].ITID;
 		int amount = p->list[i].qty;
-		struct item item_tmp;
 		
 		j = npc_market_qty[i];
 		
@@ -1944,9 +1943,10 @@ int npc_market_buylist(struct map_session_data* sd, unsigned short list_size, st
 		
 		npc->market_tosql(nd,j);
 		
-		if (itemdb_type(nameid) == IT_PETEGG)
+		if (itemdb_type(nameid) == IT_PETEGG) {
 			pet->create_egg(sd, nameid);
-		else {
+		} else {
+			struct item item_tmp;
 			memset(&item_tmp,0,sizeof(item_tmp));
 			item_tmp.nameid = nameid;
 			item_tmp.identify = 1;
diff --git a/src/map/script.c b/src/map/script.c
index f6c8e8651..b8e161e10 100644
--- a/src/map/script.c
+++ b/src/map/script.c
@@ -7013,28 +7013,25 @@ BUILDIN(delitem) {
 	TBL_PC *sd;
 	struct item it;
 
-	if( script_hasdata(st,4) )
-	{
+	if (script_hasdata(st,4)) {
 		int account_id = script_getnum(st,4);
 		sd = map->id2sd(account_id); // <account id>
-		if( sd == NULL )
-		{
+		if (sd == NULL) {
 			ShowError("script:delitem: player not found (AID=%d).\n", account_id);
 			st->state = END;
 			return false;
 		}
-	}
-	else
-	{
+	} else {
 		sd = script->rid2sd(st);// attached player
-		if( sd == NULL )
+		if (sd == NULL)
 			return true;
 	}
 
-	if( script_isstringtype(st, 2) ) {
+	memset(&it, 0, sizeof(it));
+	if (script_isstringtype(st, 2)) {
 		const char* item_name = script_getstr(st, 2);
 		struct item_data* id = itemdb->search_name(item_name);
-		if( id == NULL ) {
+		if (id == NULL) {
 			ShowError("script:delitem: unknown item \"%s\".\n", item_name);
 			st->state = END;
 			return false;
@@ -7042,8 +7039,7 @@ BUILDIN(delitem) {
 		it.nameid = id->nameid;// "<item name>"
 	} else {
 		it.nameid = script_getnum(st, 2);// <item id>
-		if( !itemdb->exists( it.nameid ) )
-		{
+		if (!itemdb->exists(it.nameid)) {
 			ShowError("script:delitem: unknown item \"%d\".\n", it.nameid);
 			st->state = END;
 			return false;
@@ -7074,26 +7070,25 @@ BUILDIN(delitem2) {
 	TBL_PC *sd;
 	struct item it;
 
-	if( script_hasdata(st,11) ) {
+	if (script_hasdata(st,11)) {
 		int account_id = script_getnum(st,11);
 		sd = map->id2sd(account_id); // <account id>
-		if( sd == NULL ) {
+		if (sd == NULL) {
 			ShowError("script:delitem2: player not found (AID=%d).\n", account_id);
 			st->state = END;
 			return false;
 		}
-	}
-	else
-	{
+	} else {
 		sd = script->rid2sd(st);// attached player
 		if( sd == NULL )
 			return true;
 	}
 
-	if( script_isstringtype(st, 2) ) {
+	memset(&it, 0, sizeof(it));
+	if (script_isstringtype(st, 2)) {
 		const char* item_name = script_getstr(st, 2);
 		struct item_data* id = itemdb->search_name(item_name);
-		if( id == NULL ) {
+		if (id == NULL) {
 			ShowError("script:delitem2: unknown item \"%s\".\n", item_name);
 			st->state = END;
 			return false;
diff --git a/src/map/unit.c b/src/map/unit.c
index a54780e83..e99b9f2a1 100644
--- a/src/map/unit.c
+++ b/src/map/unit.c
@@ -95,6 +95,8 @@ int unit_walktoxy_sub(struct block_list *bl)
 	ud = unit->bl2ud(bl);
 	if(ud == NULL) return 0;
 
+	memset(&wpd, 0, sizeof(wpd));
+
 	if( !path->search(&wpd,bl->m,bl->x,bl->y,ud->to_x,ud->to_y,ud->state.walk_easy,CELL_CHKNOPASS) )
 		return 0;