From 21442a885b1214e1b6a2f23a2553da416fb97238 Mon Sep 17 00:00:00 2001 From: Andrei Karas Date: Mon, 14 Sep 2015 19:26:13 +0300 Subject: Add missing checks into clif.c --- src/map/clif.c | 920 +++++++++++++++++++++++++++++++++++++++++++++++++-------- src/map/clif.h | 2 + 2 files changed, 791 insertions(+), 131 deletions(-) (limited to 'src/map') diff --git a/src/map/clif.c b/src/map/clif.c index a229cef66..f61bc7055 100644 --- a/src/map/clif.c +++ b/src/map/clif.c @@ -180,9 +180,14 @@ static inline bool disguised(struct block_list* bl) { return (bool)( bl->type == BL_PC && ((TBL_PC*)bl)->disguise != -1 ); } - //Guarantees that the given string does not exceeds the allowed size, as well as making sure it's null terminated. [Skotlex] static inline unsigned int mes_len_check(char* mes, unsigned int len, unsigned int max) { + nullpo_retr(0, mes); + if (len <= 0) + { + mes[0] = '\0'; + Assert_retr(0, len > 0); + } if( len > max ) len = max; @@ -196,6 +201,7 @@ static inline unsigned int mes_len_check(char* mes, unsigned int len, unsigned i *------------------------------------------*/ bool clif_setip(const char* ip) { char ip_str[16]; + nullpo_retr(false, ip); clif->map_ip = sockt->host2ip(ip); if ( !clif->map_ip ) { ShowWarning("Failed to Resolve Map Server Address! (%s)\n", ip); @@ -208,6 +214,7 @@ bool clif_setip(const char* ip) { } bool clif_setbindip(const char* ip) { + nullpo_retr(false, ip); clif->bind_ip = sockt->host2ip(ip); if ( clif->bind_ip ) { char ip_str[16]; @@ -258,6 +265,7 @@ uint32 clif_refresh_ip(void) #if PACKETVER >= 20071106 static inline unsigned char clif_bl_type(struct block_list *bl) { + nullpo_retr(0x1, bl); switch (bl->type) { case BL_PC: return (disguised(bl) && !pc->db_checkid(status->get_viewdata(bl)->class_))? 0x1:0x0; //PC_TYPE case BL_ITEM: return 0x2; //ITEM_TYPE 
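Review bot: In mes_len_check the new `if (len <= 0)` branch stores `mes[0] = '\0'` before asserting, so when the caller passes a length of zero the function still writes one byte into the buffer. If `len` describes the space available at `mes` (not visible in the hunk — confirm against the callers), that store is one byte past what the caller offered. `len` is `unsigned int`, so the test is really `len == 0` and the `Assert_retr(0, len > 0)` inside it always fires; writing it as `if (len == 0)` makes that explicit. I would either drop the store or add a comment such as `/* callers must pass a buffer of at least 1 byte even when len is 0 */`. The rest of the function body lies outside the hunk.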
@@ -342,6 +350,7 @@ int clif_send_sub(struct block_list *bl, va_list ap) { int clif_send_actual(int fd, void *buf, int len) { + nullpo_retr(0, buf); WFIFOHEAD(fd, len); if (WFIFOP(fd,0) == buf) { ShowError("WARNING: Invalid use of clif->send function\n"); @@ -391,8 +400,8 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target case ALL_SAMEMAP: //All players on the same map iter = mapit_getallusers(); - while( (tsd = (TBL_PC*)mapit->next(iter)) != NULL ) { - if( bl->m == tsd->bl.m ) { + while ((tsd = (TBL_PC*)mapit->next(iter)) != NULL) { + if (bl && bl->m == tsd->bl.m) { WFIFOHEAD(tsd->fd, len); memcpy(WFIFOP(tsd->fd,0), buf, len); WFIFOSET(tsd->fd,len); @@ -408,16 +417,19 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target /* Fall through */ case AREA_WOC: case AREA_WOS: + nullpo_retr(true, bl); map->foreachinarea(clif->send_sub, bl->m, bl->x-AREA_SIZE, bl->y-AREA_SIZE, bl->x+AREA_SIZE, bl->y+AREA_SIZE, BL_PC, buf, len, bl, type); break; case AREA_CHAT_WOC: + nullpo_retr(true, bl); map->foreachinarea(clif->send_sub, bl->m, bl->x-(AREA_SIZE-5), bl->y-(AREA_SIZE-5), bl->x+(AREA_SIZE-5), bl->y+(AREA_SIZE-5), BL_PC, buf, len, bl, AREA_WOC); break; case CHAT: case CHAT_WOS: + nullpo_retr(true, bl); { struct chat_data *cd; if (sd) { @@ -441,6 +453,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target case PARTY_AREA: case PARTY_AREA_WOS: + nullpo_retr(true, bl); x0 = bl->x - AREA_SIZE; y0 = bl->y - AREA_SIZE; x1 = bl->x + AREA_SIZE; @@ -517,6 +530,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target // New definitions for guilds [Valaris] - Cleaned up and reorganized by [Skotlex] case GUILD_AREA: case GUILD_AREA_WOS: + nullpo_retr(true, bl); x0 = bl->x - AREA_SIZE; y0 = bl->y - AREA_SIZE; x1 = bl->x + AREA_SIZE; 
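Review bot: In the ALL_SAMEMAP case of clif_send the added `bl &&` test is evaluated once per online user although `bl` never changes inside the loop, and a NULL `bl` now walks the whole user list and sends nothing without any report. The AREA, CHAT, PARTY_AREA, GUILD_AREA and BG_AREA cases in the following hunks use `nullpo_retr(true, bl);` instead, so this case behaves differently from its siblings. For consistency the check could be hoisted to `nullpo_retr(true, bl);` placed before `iter = mapit_getallusers();` (before, not after, so the early return cannot skip releasing the iterator). The switch continues outside this hunk.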
@@ -569,6 +583,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target case BG_AREA: case BG_AREA_WOS: + nullpo_retr(true, bl); x0 = bl->x - AREA_SIZE; y0 = bl->y - AREA_SIZE; x1 = bl->x + AREA_SIZE; @@ -626,6 +641,7 @@ void clif_authok(struct map_session_data *sd) { struct packet_authok p; + nullpo_retv(sd); p.PacketType = authokType; p.startTime = (unsigned int)timer->gettick(); WBUFPOS(&p.PosDir[0],0,sd->bl.x,sd->bl.y,sd->ud.dir); /* do the stupid client math */ @@ -830,7 +846,10 @@ int clif_clearunit_delayed_sub(int tid, int64 tick, int id, intptr_t data) { } void clif_clearunit_delayed(struct block_list* bl, clr_type type, int64 tick) { - struct block_list *tbl = ers_alloc(clif->delay_clearunit_ers, struct block_list); + struct block_list *tbl; + + nullpo_retv(bl); + tbl = ers_alloc(clif->delay_clearunit_ers, struct block_list); memcpy (tbl, bl, sizeof (struct block_list)); timer->add(tick, clif->clearunit_delayed_sub, (int)type, (intptr_t)tbl); } @@ -838,6 +857,9 @@ void clif_clearunit_delayed(struct block_list* bl, clr_type type, int64 tick) { /// Gets weapon view info from sd's inventory_data and points (*rhand,*lhand) void clif_get_weapon_view(struct map_session_data* sd, unsigned short *rhand, unsigned short *lhand) { + nullpo_retv(sd); + nullpo_retv(rhand); + nullpo_retv(lhand); if(sd->sc.option&OPTION_COSTUME) { *rhand = *lhand = 0; return; @@ -887,6 +909,7 @@ static int clif_setlevel_sub(int lv) { static int clif_setlevel(struct block_list* bl) { int lv = status->get_lv(bl); + nullpo_retr(0, bl); if( battle_config.client_limit_unit_lv&bl->type ) return clif_setlevel_sub(lv); switch( bl->type ) { @@ -906,6 +929,7 @@ void clif_set_unit_idle2(struct block_list* bl, struct map_session_data *tsd, en struct packet_idle_unit2 p; int g_id = status->get_guild_id(bl); + nullpo_retv(bl); sd = BL_CAST(BL_PC, bl); p.PacketType = idle_unit2Type; 
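Review bot: In clif_setlevel the added `nullpo_retr(0, bl);` runs after `bl` has already been passed to `status->get_lv(bl)` in the initialiser on the line above, so if that callee reads through the pointer (its body is not shown here) the guard comes too late to prevent the crash. The same ordering appears in clif_set_unit_idle2 in the next hunk and in clif_spawn_unit2 further down, where `status->get_guild_id(bl)` initialises `g_id` before `nullpo_retv(bl);`. Splitting the declaration fixes it: `int lv;` then `nullpo_retr(0, bl);` then `lv = status->get_lv(bl);`, which is the pattern this commit already applies in clif_clearunit_delayed.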
@@ -1046,6 +1070,7 @@ void clif_spawn_unit2(struct block_list* bl, enum send_target target) { struct packet_spawn_unit2 p; int g_id = status->get_guild_id(bl); + nullpo_retv(bl); sd = BL_CAST(BL_PC, bl); p.PacketType = spawn_unit2Type; @@ -1180,6 +1205,7 @@ void clif_set_unit_walking(struct block_list* bl, struct map_session_data *tsd, int g_id = status->get_guild_id(bl); nullpo_retv(bl); + nullpo_retv(ud); sd = BL_CAST(BL_PC, bl); @@ -1252,7 +1278,7 @@ void clif_set_unit_walking(struct block_list* bl, struct map_session_data *tsd, /// 01b0 .L .B .L /// type: /// unused -void clif_class_change(struct block_list *bl,int class_,int type) +void clif_class_change(struct block_list *bl, int class_, int type) { nullpo_retv(bl); @@ -1272,6 +1298,7 @@ void clif_class_change(struct block_list *bl,int class_,int type) /// 01d0 .L .W (ZC_SPIRITS) /// 01e1 .L .W (ZC_SPIRITS2) void clif_spiritball_single(int fd, struct map_session_data *sd) { + nullpo_retv(sd); WFIFOHEAD(fd, packet_len(0x1e1)); WFIFOW(fd,0)=0x1e1; WFIFOL(fd,2)=sd->bl.id; @@ -1284,6 +1311,7 @@ void clif_spiritball_single(int fd, struct map_session_data *sd) { *------------------------------------------*/ void clif_charm_single(int fd, struct map_session_data *sd) { + nullpo_retv(sd); WFIFOHEAD(fd, packet_len(0x08cf)); WFIFOW(fd,0) = 0x08cf; WFIFOL(fd,2) = sd->bl.id; @@ -1297,9 +1325,12 @@ void clif_charm_single(int fd, struct map_session_data *sd) * Tells its client to display all weather settings being used by this map *------------------------------------------*/ void clif_weather_check(struct map_session_data *sd) { - int16 m = sd->bl.m; - int fd = sd->fd; + int16 m; + int fd; + nullpo_retv(sd); + m = sd->bl.m; + fd = sd->fd; if (map->list[m].flag.snow) clif->specialeffect_single(&sd->bl, 162, fd); if (map->list[m].flag.clouds) @@ -1341,6 +1372,7 @@ bool clif_spawn(struct block_list *bl) { struct view_data *vd; + nullpo_retr(false, bl); vd = status->get_viewdata(bl); if( !vd ) return false; 
@@ -1413,6 +1445,7 @@ void clif_hominfo(struct map_session_data *sd, struct homun_data *hd, int flag) unsigned char buf[128]; enum homun_type htype; + nullpo_retv(sd); nullpo_retv(hd); hstatus = &hd->battle_status; @@ -1492,8 +1525,12 @@ void clif_hominfo(struct map_session_data *sd, struct homun_data *hd, int flag) /// ? = ignored void clif_send_homdata(struct map_session_data *sd, int state, int param) { - int fd = sd->fd; + int fd; + + nullpo_retv(sd); + nullpo_retv(sd->hd); + fd = sd->fd; if ( (state == SP_INTIMATE) && (param >= 910) && (sd->hd->homunculus.class_ == sd->hd->homunculusDB->evo_class) ) homun->calc_skilltree(sd->hd, 0); @@ -1553,6 +1590,7 @@ void clif_homskillup(struct map_session_data *sd, uint16 skill_id) { //[orn] struct homun_data *hd; int fd, idx; nullpo_retv(sd); + nullpo_retv(sd->hd); idx = skill_id - HM_SKILLBASE; fd=sd->fd; @@ -1588,8 +1626,10 @@ void clif_hom_food(struct map_session_data *sd,int foodid,int fail) /// 0087 .L .6B void clif_walkok(struct map_session_data *sd) { - int fd=sd->fd; + int fd; + nullpo_retv(sd); + fd = sd->fd; WFIFOHEAD(fd, packet_len(0x87)); WFIFOW(fd,0)=0x87; WFIFOL(fd,2)=(unsigned int)timer->gettick(); @@ -1597,14 +1637,20 @@ void clif_walkok(struct map_session_data *sd) WFIFOSET(fd,packet_len(0x87)); } - void clif_move2(struct block_list *bl, struct view_data *vd, struct unit_data *ud) { #ifdef ANTI_MAYAP_CHEAT struct status_change *sc = NULL; +#endif + + nullpo_retv(bl); + nullpo_retv(vd); + nullpo_retv(ud); +#ifdef ANTI_MAYAP_CHEAT if( (sc = status->get_sc(bl)) && sc->option&(OPTION_HIDE|OPTION_CLOAK|OPTION_INVISIBLE|OPTION_CHASEWALK) ) clif->ally_only = true; #endif + clif->set_unit_walking(bl,NULL,ud,AREA_WOS); if(vd->cloth_color) @@ -1640,7 +1686,6 @@ void clif_move2(struct block_list *bl, struct view_data *vd, struct unit_data *u #endif } - /// Notifies clients in an area, that an other visible object is walking (ZC_NOTIFY_PLAYERMOVE). /// 0086 .L .6B .L /// Note: unit must not be self 
@@ -1648,10 +1693,14 @@ void clif_move(struct unit_data *ud) { unsigned char buf[16]; struct view_data *vd; - struct block_list *bl = ud->bl; + struct block_list *bl; #ifdef ANTI_MAYAP_CHEAT struct status_change *sc = NULL; #endif + + nullpo_retv(ud); + bl = ud->bl; + nullpo_retv(bl); vd = status->get_viewdata(bl); if (!vd || vd->class_ == INVISIBLE_CLASS) return; //This performance check is needed to keep GM-hidden objects from being notified to bots. @@ -1706,7 +1755,8 @@ int clif_delayquit(int tid, int64 tick, int id, intptr_t data) { /*========================================== * *------------------------------------------*/ -void clif_quitsave(int fd,struct map_session_data *sd) { +void clif_quitsave(int fd, struct map_session_data *sd) { + nullpo_retv(sd); if (!battle_config.prevent_logout || DIFF_TICK(timer->gettick(), sd->canlog_tick) > battle_config.prevent_logout) map->quit(sd); @@ -1756,6 +1806,7 @@ void clif_changemapserver(struct map_session_data* sd, unsigned short map_index, void clif_blown(struct block_list *bl) { //Aegis packets says fixpos, but it's unsure whether slide works better or not. + nullpo_retv(bl); clif->fixpos(bl); clif->slide(bl, bl->x, bl->y); } @@ -1889,7 +1940,11 @@ void clif_selllist(struct map_session_data *sd) /// - append this text void clif_scriptmes(struct map_session_data *sd, int npcid, const char *mes) { int fd = sd->fd; - size_t slen = strlen(mes) + 9; + size_t slen; + + nullpo_retv(sd); + nullpo_retv(mes); + slen = strlen(mes) + 9; sd->state.dialog = 1; @@ -1912,7 +1967,7 @@ void clif_scriptmes(struct map_session_data *sd, int npcid, const char *mes) { /// - 00B9 .L /// - set to clear on next mes /// - remove 'next' button -void clif_scriptnext(struct map_session_data *sd,int npcid) +void clif_scriptnext(struct map_session_data *sd, int npcid) { int fd; 
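Review bot: In clif_scriptmes the declaration `int fd = sd->fd;` was left in place, so `sd` is dereferenced before the newly added `nullpo_retv(sd);` can reject it; only the `strlen(mes)` initialiser was moved below the checks. The same check-after-use ordering is introduced in clif_guild_xy_single (`if( sd->bg_id ) return;` precedes `nullpo_retv(sd);`), clif_traderequest, clif_skillinfo (`const int fd = sd->fd;`) and clif_process_message (`int fd = sd->fd;` before `nullpo_retr(false, sd);`). Besides being ineffective, a compiler may treat the earlier dereference as proof that the pointer is non-NULL and drop the later test. The fix is the form used for clif_sendfakenpc in this same commit: `int fd;` then `nullpo_retv(sd);` then `fd = sd->fd;` (for clif_skillinfo the `const` on `fd` has to go, and in clif_guild_xy_single the check simply moves above the `bg_id` test).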
@@ -1959,9 +2014,11 @@ void clif_scriptclose(struct map_session_data *sd, int npcid) *------------------------------------------*/ void clif_sendfakenpc(struct map_session_data *sd, int npcid) { unsigned char *buf; - int fd = sd->fd; - sd->state.using_fake_npc = 1; + int fd; + nullpo_retv(sd); + fd = sd->fd; + sd->state.using_fake_npc = 1; WFIFOHEAD(fd, packet_len(0x78)); buf = WFIFOP(fd,0); memset(WBUFP(buf,0), 0, packet_len(0x78)); @@ -2000,10 +2057,14 @@ void clif_sendfakenpc(struct map_session_data *sd, int npcid) { /// Which suggests their have intertwined behavior. (probably the mouse targeting) /// TODO investigate behavior of other windows [FlavioJS] void clif_scriptmenu(struct map_session_data* sd, int npcid, const char* mes) { - int fd = sd->fd; - size_t slen = strlen(mes) + 9; + int fd; + size_t slen; struct block_list *bl = NULL; + nullpo_retv(sd); + nullpo_retv(mes); + fd = sd->fd; + slen = strlen(mes) + 9; if (!sd->state.using_fake_npc && (npcid == npc->fake_nd->bl.id || ((bl = map->id2bl(npcid)) && (bl->m!=sd->bl.m || bl->xbl.x-AREA_SIZE-1 || bl->x>sd->bl.x+AREA_SIZE+1 || bl->ybl.y-AREA_SIZE-1 || bl->y>sd->bl.y+AREA_SIZE+1)))) @@ -2135,6 +2196,7 @@ void clif_cutin(struct map_session_data* sd, const char* image, int type) *------------------------------------------*/ void clif_addcards(unsigned char* buf, struct item* item) { int i=0,j; + nullpo_retv(buf); if( item == NULL ) { //Blank data WBUFW(buf,0) = 0; WBUFW(buf,2) = 0; @@ -2184,6 +2246,7 @@ void clif_addcards(unsigned char* buf, struct item* item) { void clif_addcards2(unsigned short *cards, struct item* item) { int i=0,j; + nullpo_retv(cards); if( item == NULL ) { //Blank data cards[0] = 0; cards[1] = 0; @@ -2243,6 +2306,7 @@ void clif_addcards2(unsigned short *cards, struct item* item) { void clif_add_random_options(unsigned char* buf, struct item* item) { int i; + nullpo_retv(buf); for (i = 0; i < 5; i++){ WBUFW(buf,i*5+0) = 0; // OptIndex WBUFW(buf,i*5+2) = 0; // Value 
@@ -2356,6 +2420,7 @@ void clif_delitem(struct map_session_data *sd,int n,int amount, short reason) // Simplifies inventory/cart/storage packets by handling the packet section relevant to items. [Skotlex] // Equip is >= 0 for equippable items (holds the equip-point, is 0 for pet // armor/egg) -1 for stackable items, -2 for stackable items where arrows must send in the equip-point. +// look like unused, not adding checks void clif_item_sub(unsigned char *buf, int n, struct item *i, struct item_data *id, int equip) { if (id->view_id > 0) WBUFW(buf,n)=id->view_id; @@ -2377,10 +2442,14 @@ void clif_item_sub(unsigned char *buf, int n, struct item *i, struct item_data * } } + void clif_item_equip(short idx, struct EQUIPITEM_INFO *p, struct item *i, struct item_data *id, int eqp_pos) { #if PACKETVER >= 20150226 int j; #endif + nullpo_retv(p); + nullpo_retv(i); + nullpo_retv(id); p->index = idx; if (id->view_id > 0) @@ -2432,7 +2501,12 @@ void clif_item_equip(short idx, struct EQUIPITEM_INFO *p, struct item *i, struct } #endif } + void clif_item_normal(short idx, struct NORMALITEM_INFO *p, struct item *i, struct item_data *id) { + nullpo_retv(p); + nullpo_retv(i); + nullpo_retv(id); + p->index = idx; if (id->view_id > 0) 
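Review bot: The added comment `// look like unused, not adding checks` on clif_item_sub leaves a non-static function that reads `id->view_id` and writes through `buf` with no guard, justified only by a guess about its callers. If the function really has no callers it would be clearer to say what a future user must do, for example `// Appears to have no callers; NULL checks intentionally omitted, add them for buf, i and id before reusing this.` The function body continues outside the hunk.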
@@ -2463,17 +2537,19 @@ void clif_item_normal(short idx, struct NORMALITEM_INFO *p, struct item *i, stru p->Flag.SpareBits = 0; #endif } + void clif_inventorylist(struct map_session_data *sd) { int i, normal = 0, equip = 0; + nullpo_retv(sd); for( i = 0; i < MAX_INVENTORY; i++ ) { if( sd->status.inventory[i].nameid <= 0 || sd->inventory_data[i] == NULL ) continue; if( !itemdb->isstackable2(sd->inventory_data[i]) ) //Non-stackable (Equippable) - clif_item_equip(i+2,&itemlist_equip.list[equip++],&sd->status.inventory[i],sd->inventory_data[i],pc->equippoint(sd,i)); + clif->item_equip(i+2,&itemlist_equip.list[equip++],&sd->status.inventory[i],sd->inventory_data[i],pc->equippoint(sd,i)); else //Stackable (Normal) - clif_item_normal(i+2,&itemlist_normal.list[normal++],&sd->status.inventory[i],sd->inventory_data[i]); + clif->item_normal(i+2,&itemlist_normal.list[normal++],&sd->status.inventory[i],sd->inventory_data[i]); } if( normal ) { @@ -2508,12 +2584,13 @@ void clif_inventorylist(struct map_session_data *sd) { void clif_equiplist(struct map_session_data *sd) { int i, equip = 0; + nullpo_retv(sd); for( i = 0; i < MAX_INVENTORY; i++ ) { if( sd->status.inventory[i].nameid <= 0 || sd->inventory_data[i] == NULL ) continue; if( !itemdb->isstackable2(sd->inventory_data[i]) ) //Non-stackable (Equippable) - clif_item_equip(i+2,&itemlist_equip.list[equip++],&sd->status.inventory[i],sd->inventory_data[i],pc->equippoint(sd,i)); + clif->item_equip(i+2,&itemlist_equip.list[equip++],&sd->status.inventory[i],sd->inventory_data[i],pc->equippoint(sd,i)); } if( equip ) { @@ -2539,6 +2616,8 @@ void clif_storagelist(struct map_session_data* sd, struct item* items, int items int i = 0; struct item_data *id; + nullpo_retv(sd); + nullpo_retv(items); do { int normal = 0, equip = 0, k = 0; 
@@ -2550,9 +2629,9 @@ void clif_storagelist(struct map_session_data* sd, struct item* items, int items id = itemdb->search(items[i].nameid); if( !itemdb->isstackable2(id) ) //Non-stackable (Equippable) - clif_item_equip(i+1,&storelist_equip.list[equip++],&items[i],id,id->equip); + clif->item_equip(i+1,&storelist_equip.list[equip++],&items[i],id,id->equip); else //Stackable (Normal) - clif_item_normal(i+1,&storelist_normal.list[normal++],&items[i],id); + clif->item_normal(i+1,&storelist_normal.list[normal++],&items[i],id); } if( normal ) { @@ -2585,17 +2664,17 @@ void clif_cartlist(struct map_session_data *sd) { int i, normal = 0, equip = 0; struct item_data *id; + nullpo_retv(sd); for( i = 0; i < MAX_CART; i++ ) { if( sd->status.cart[i].nameid <= 0 ) continue; id = itemdb->search(sd->status.cart[i].nameid); - if( !itemdb->isstackable2(id) ) //Non-stackable (Equippable) - clif_item_equip(i+2,&itemlist_equip.list[equip++],&sd->status.cart[i],id,id->equip); + clif->item_equip(i+2,&itemlist_equip.list[equip++],&sd->status.cart[i],id,id->equip); else //Stackable (Normal) - clif_item_normal(i+2,&itemlist_normal.list[normal++],&sd->status.cart[i],id); + clif->item_normal(i+2,&itemlist_normal.list[normal++],&sd->status.cart[i],id); } if( normal ) { @@ -2651,6 +2730,7 @@ void clif_guild_xy_single(int fd, struct map_session_data *sd) if( sd->bg_id ) return; + nullpo_retv(sd); WFIFOHEAD(fd,packet_len(0x1eb)); WFIFOW(fd,0)=0x1eb; WFIFOL(fd,2)=sd->status.account_id; @@ -3437,6 +3517,7 @@ void clif_changeoption2(struct block_list* bl) { unsigned char buf[20]; struct status_change *sc; + nullpo_retv(bl); if ( !(sc = status->get_sc(bl)) && bl->type != BL_NPC ) return; //How can an option change if there's no sc? WBUFW(buf,0) = 0x28a; 
@@ -3741,6 +3822,8 @@ void clif_leavechat(struct chat_data* cd, struct map_session_data* sd, bool flag void clif_traderequest(struct map_session_data* sd, const char* name) { int fd = sd->fd; + nullpo_retv(sd); + nullpo_retv(name); #if PACKETVER < 6 WFIFOHEAD(fd,packet_len(0xe5)); WFIFOW(fd,0) = 0xe5; @@ -3771,7 +3854,10 @@ void clif_traderequest(struct map_session_data* sd, const char* name) { /// 4 = Cancel /// 5 = Busy void clif_tradestart(struct map_session_data* sd, uint8 type) { - int fd = sd->fd; + int fd; + + nullpo_retv(sd); + fd = sd->fd; #if PACKETVER >= 6 struct map_session_data* tsd = map->id2sd(sd->trade_partner); if( tsd ) { @@ -3931,10 +4017,13 @@ void clif_tradecompleted(struct map_session_data* sd, int fail) /// 00f1 /// NOTE: Unknown purpose. Items are not removed until the window is /// refreshed (ex. by putting another item in there). +/// unused void clif_tradeundo(struct map_session_data* sd) { - int fd = sd->fd; + int fd; + nullpo_retv(sd); + fd = sd->fd; WFIFOHEAD(fd,packet_len(0xf1)); WFIFOW(fd,0) = 0xf1; WFIFOSET(fd,packet_len(0xf1)); @@ -4030,6 +4119,8 @@ void clif_getareachar_pc(struct map_session_data* sd,struct map_session_data* ds struct block_list *d_bl; int i; + nullpo_retv(sd); + nullpo_retv(dstsd); if( dstsd->chatID ) { struct chat_data *cd = NULL; if( (cd = (struct chat_data*)map->id2bl(dstsd->chatID)) && cd->usersd[0]==dstsd) @@ -4068,6 +4159,9 @@ void clif_getareachar_unit(struct map_session_data* sd,struct block_list *bl) { struct unit_data *ud; struct view_data *vd; + nullpo_retv(sd); + nullpo_retv(bl); + vd = status->get_viewdata(bl); if (!vd || vd->class_ == INVISIBLE_CLASS) return; @@ -4156,6 +4250,7 @@ int clif_calc_walkdelay(struct block_list *bl,int delay, int type, int damage, i if (type == 4 || type == 9 || damage <=0) return 0; + nullpo_retr(delay, bl); if (bl->type == BL_PC) { if (battle_config.pc_walk_delay_rate != 100) delay = delay*battle_config.pc_walk_delay_rate/100; 
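Review bot: In clif_tradestart the existing `struct map_session_data* tsd = map->id2sd(sd->trade_partner);` under `#if PACKETVER >= 6` now follows the statements `nullpo_retv(sd);` and `fd = sd->fd;`, so the function mixes a declaration in after code. Everywhere else this commit goes out of its way to keep declarations at the top of the block and assign after the checks (clif_walkok, clif_weather_check, clif_broadcast2). clif_broadcast has the same inconsistency, with `nullpo_retv(mes);` placed above `int lp = ...`. Declaring `tsd` next to `fd` inside the same `#if` and assigning it after the check with `tsd = map->id2sd(sd->trade_partner);` would match the rest of the change and keep the file buildable under stricter C89-style warning flags.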
@@ -4335,6 +4430,9 @@ void clif_changemapcell(int fd, int16 m, int x, int y, int type, enum send_targe /// 009d .L .W .B .W .W .W .B .B void clif_getareachar_item(struct map_session_data* sd,struct flooritem_data* fitem) { int view,fd; + + nullpo_retv(sd); + nullpo_retv(fitem); fd=sd->fd; WFIFOHEAD(fd,packet_len(0x9d)); @@ -4356,6 +4454,9 @@ void clif_getareachar_item(struct map_session_data* sd,struct flooritem_data* fi void clif_graffiti_entry(struct block_list *bl, struct skill_unit *su, enum send_target target) { struct packet_graffiti_entry p; + nullpo_retv(bl); + nullpo_retv(su); + nullpo_retv(su->group); p.PacketType = graffiti_entryType; p.AID = su->bl.id; p.creatorAID = su->group->src_id; @@ -4737,7 +4838,12 @@ void clif_skillinfo(struct map_session_data *sd,int skill_id, int inf) { const int fd = sd->fd; int idx = skill->get_index(skill_id); - int skill_lv = sd->status.skill[idx].lv; + int skill_lv; + + nullpo_retv(sd); + Assert_retv(idx >= 0 && idx < MAX_SKILL); + + skill_lv = sd->status.skill[idx].lv; WFIFOHEAD(fd,packet_len(0x7e1)); WFIFOW(fd,0) = 0x7e1; @@ -5105,6 +5211,7 @@ void clif_skill_poseffect(struct block_list *src, uint16 skill_id, int val, int void clif_skill_warppoint(struct map_session_data* sd, uint16 skill_id, uint16 skill_lv, unsigned short map1, unsigned short map2, unsigned short map3, unsigned short map4) { int fd; + nullpo_retv(sd); fd = sd->fd; @@ -5404,8 +5511,8 @@ void clif_displaymessage(const int fd, const char* mes) { #endif } } + void clif_displaymessage2(const int fd, const char* mes) { - // invalid pointer? nullpo_retv(mes); //Scrapped, as these are shared by disconnected players =X [Skotlex] @@ -5442,6 +5549,7 @@ void clif_displaymessage_sprintf(const int fd, const char *mes, ...) __attribute void clif_displaymessage_sprintf(const int fd, const char *mes, ...) { va_list ap; + nullpo_retv(mes); if (map->cpsd_active && fd == 0) { ShowInfo("HCP: "); va_start(ap,mes); 
@@ -5474,6 +5582,7 @@ void clif_displaymessage_sprintf(const int fd, const char *mes, ...) { /// 009a .W .?B void clif_broadcast(struct block_list* bl, const char* mes, size_t len, int type, enum send_target target) { + nullpo_retv(mes); int lp = (type&BC_COLOR_MASK) ? 4 : 0; unsigned char *buf = (unsigned char*)aMalloc((4 + lp + len)*sizeof(unsigned char)); @@ -5520,8 +5629,11 @@ void clif_GlobalMessage(struct block_list* bl, const char* message) { /// 01c3 .W .L .W .W .W .W .?B void clif_broadcast2(struct block_list* bl, const char* mes, size_t len, unsigned int fontColor, short fontType, short fontSize, short fontAlign, short fontY, enum send_target target) { - unsigned char *buf = (unsigned char*)aMalloc((16 + len)*sizeof(unsigned char)); + unsigned char *buf; + nullpo_retv(mes); + + buf = (unsigned char*)aMalloc((16 + len)*sizeof(unsigned char)); WBUFW(buf,0) = 0x1c3; WBUFW(buf,2) = len + 16; WBUFL(buf,4) = fontColor; @@ -5613,6 +5725,8 @@ void clif_map_type(struct map_session_data* sd, enum map_type type) { // FIXME: missing documentation for the 'type' parameter void clif_pvpset(struct map_session_data *sd,int pvprank,int pvpnum,int type) { + nullpo_retv(sd); + if(type == 2) { int fd = sd->fd; WFIFOHEAD(fd,packet_len(0x19a)); @@ -5695,6 +5809,8 @@ void clif_upgrademessage(int fd, int result, int item_id) /// 0097 .W .24B .?B /// 0097 .W .24B .L .?B (PACKETVER >= 20091104) void clif_wis_message(int fd, const char* nick, const char* mes, size_t mes_len) { + nullpo_retv(nick); + nullpo_retv(mes); #if PACKETVER < 20091104 WFIFOHEAD(fd, mes_len + NAME_LENGTH + 4); WFIFOW(fd,0) = 0x97; @@ -5744,6 +5860,7 @@ void clif_wis_end(int fd, int flag) { /// 0194 .L .24B void clif_solved_charname(int fd, int charid, const char* name) { + nullpo_retv(name); WFIFOHEAD(fd,packet_len(0x194)); WFIFOW(fd,0)=0x194; WFIFOL(fd,2)=charid; 
@@ -5913,7 +6030,10 @@ void clif_item_repaireffect(struct map_session_data *sd,int idx,int flag) /// 02bb .W .L void clif_item_damaged(struct map_session_data* sd, unsigned short position) { - int fd = sd->fd; + int fd; + + nullpo_retv(sd); + fd = sd->fd; WFIFOHEAD(fd,packet_len(0x2bb)); WFIFOW(fd,0) = 0x2bb; @@ -6195,6 +6315,7 @@ void clif_openvending(struct map_session_data* sd, int id, struct s_vending* ven #endif nullpo_retv(sd); + nullpo_retv(vending_items); fd = sd->fd; count = sd->vend_num; @@ -6284,6 +6405,8 @@ void clif_party_member_info(struct party_data *p, struct map_session_data *sd) unsigned char buf[81]; int i; + nullpo_retv(p); + nullpo_retv(sd); if (!sd) { //Pick any party member (this call is used when changing item share rules) ARR_FIND( 0, MAX_PARTY, i, p->data[i].sd != 0 ); } else { @@ -6412,6 +6535,7 @@ void clif_party_inviteack(struct map_session_data* sd, const char* nick, int res { int fd; nullpo_retv(sd); + nullpo_retv(nick); fd=sd->fd; #if PACKETVER < 20070904 @@ -6491,6 +6615,8 @@ void clif_party_withdraw(struct party_data* p, struct map_session_data* sd, int unsigned char buf[64]; nullpo_retv(p); + nullpo_retv(sd); + nullpo_retv(name); if(!sd && (flag&0xf0)==0) { @@ -6522,6 +6648,7 @@ void clif_party_message(struct party_data* p, int account_id, const char* mes, i int i; nullpo_retv(p); + nullpo_retv(mes); for(i=0; i < MAX_PARTY && !p->data[i].sd;i++); if(i < MAX_PARTY){ @@ -6564,6 +6691,7 @@ void clif_party_xy(struct map_session_data *sd) *------------------------------------------*/ void clif_party_xy_single(int fd, struct map_session_data *sd) { + nullpo_retv(sd); WFIFOHEAD(fd,packet_len(0x107)); WFIFOW(fd,0)=0x107; WFIFOL(fd,2)=sd->status.account_id; @@ -7580,6 +7708,8 @@ void clif_guild_expulsion(struct map_session_data* sd, const char* name, const c #endif nullpo_retv(sd); + nullpo_retv(name); + nullpo_retv(mes); WBUFW(buf,0) = cmd; safestrncpy((char*)WBUFP(buf,2), name, NAME_LENGTH); 
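Review bot: In clif_party_member_info the added `nullpo_retv(sd);` returns before the existing `if (!sd)` branch, whose comment says it picks any party member because the call is used with no session when item share rules change; that documented path is now unreachable and the function silently does nothing for it. clif_party_withdraw gets the same treatment: `nullpo_retv(sd);` is added directly above `if(!sd && (flag&0xf0)==0)`, which exists to handle a NULL `sd`. In both functions NULL is a legal argument, so the new `sd` check should be dropped and only `nullpo_retv(p);` (plus `nullpo_retv(name);` in clif_party_withdraw) kept. A short comment such as `/* sd may be NULL: a member is looked up from p below */` would stop the check from being re-added later.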
@@ -7641,6 +7771,7 @@ void clif_guild_message(struct guild *g,int account_id,const char *mes,int len) struct map_session_data *sd; uint8 buf[256]; + nullpo_retv(mes); if (len == 0) return; @@ -7664,6 +7795,7 @@ void clif_guild_reqalliance(struct map_session_data *sd,int account_id,const cha int fd; nullpo_retv(sd); + nullpo_retv(name); fd=sd->fd; WFIFOHEAD(fd,packet_len(0x171)); @@ -7797,6 +7929,7 @@ void clif_talkiebox(struct block_list* bl, const char* talkie) { unsigned char buf[MESSAGE_SIZE+6]; nullpo_retv(bl); + nullpo_retv(talkie); WBUFW(buf,0) = 0x191; WBUFL(buf,2) = bl->id; @@ -7903,6 +8036,9 @@ void clif_disp_message(struct block_list* src, const char* mes, size_t len, enum if (len == 0) return; + nullpo_retv(src); + nullpo_retv(mes); + if (len > sizeof(buf)-5) { ShowWarning("clif_disp_message: Truncated message '%s' (len=%"PRIuS", max=%"PRIuS", aid=%d).\n", mes, len, sizeof(buf)-5, src->id); len = sizeof(buf)-5; @@ -7936,14 +8072,17 @@ void clif_GM_kickack(struct map_session_data *sd, int result) void clif_GM_kick(struct map_session_data *sd,struct map_session_data *tsd) { - int fd = tsd->fd; + int fd; + + nullpo_retv(tsd); + fd = tsd->fd; - if( fd > 0 ) + if (fd > 0) clif->authfail_fd(fd, 15); else map->quit(tsd); - if( sd ) + if (sd) clif->GM_kickack(sd, 1); } @@ -8069,6 +8208,7 @@ void clif_soundeffect(struct map_session_data* sd, struct block_list* bl, const nullpo_retv(sd); nullpo_retv(bl); + nullpo_retv(name); fd = sd->fd; WFIFOHEAD(fd,packet_len(0x1d3)); @@ -8085,6 +8225,7 @@ void clif_soundeffectall(struct block_list* bl, const char* name, int type, enum unsigned char buf[40]; nullpo_retv(bl); + nullpo_retv(name); WBUFW(buf,0) = 0x1d3; safestrncpy((char*)WBUFP(buf,2), name, NAME_LENGTH); @@ -8120,6 +8261,7 @@ void clif_specialeffect(struct block_list* bl, int type, enum send_target target } void clif_specialeffect_single(struct block_list* bl, int type, int fd) { + nullpo_retv(bl); WFIFOHEAD(fd,10); WFIFOW(fd,0) = 0x1f3; WFIFOL(fd,2) = bl->id; 
@@ -8162,7 +8304,10 @@ void clif_specialeffect_value(struct block_list* bl, int effect_id, int num, sen */ void clif_messagecolor_self(int fd, uint32 color, const char *msg) { - size_t msg_len = strlen(msg) + 1; + size_t msg_len; + + nullpo_retv(msg); + msg_len = strlen(msg) + 1; WFIFOHEAD(fd,msg_len + 12); WFIFOW(fd,0) = 0x2C1; @@ -8188,6 +8333,7 @@ void clif_messagecolor(struct block_list* bl, uint32 color, const char *msg) uint8 buf[256]; nullpo_retv(bl); + nullpo_retv(msg); if (msg_len > sizeof(buf)-12) { ShowWarning("clif_messagecolor: Truncating too long message '%s' (len=%"PRIuS").\n", msg, msg_len); @@ -8211,6 +8357,7 @@ void clif_messagecolor(struct block_list* bl, uint32 color, const char *msg) **/ void clif_refresh_storagewindow(struct map_session_data *sd) { + nullpo_retv(sd); // Notify the client that the storage is open if (sd->state.storage_flag == STORAGE_FLAG_NORMAL) { storage->sortitem(sd->status.storage.items, ARRAYLENGTH(sd->status.storage.items)); @@ -8519,7 +8666,11 @@ void clif_slide(struct block_list *bl, int x, int y) void clif_disp_overhead(struct block_list *bl, const char* mes) { unsigned char buf[256]; //This should be more than sufficient, the theoretical max is CHAT_SIZE + 8 (pads and extra inserted crap) - size_t len_mes = strlen(mes)+1; //Account for \0 + size_t len_mes; + + nullpo_retv(bl); + nullpo_retv(mes); + len_mes = strlen(mes)+1; //Account for \0 if (len_mes > sizeof(buf)-8) { ShowError("clif_disp_overhead: Message too long (length %"PRIuS")\n", len_mes); @@ -8575,7 +8726,10 @@ void clif_party_xy_remove(struct map_session_data *sd) /// ? = nothing void clif_gospel_info(struct map_session_data *sd, int type) { - int fd=sd->fd; + int fd; + + nullpo_retv(sd); + fd = sd->fd; WFIFOHEAD(fd,packet_len(0x215)); WFIFOW(fd,0)=0x215; WFIFOL(fd,2)=type; 
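Review bot: In clif_messagecolor the new `nullpo_retv(msg);` is placed after the local declarations, yet `msg_len` is already compared on the very next line, which suggests it was initialised from `msg` above the hunk. If that initialiser is a `strlen(msg)` call, as in clif_messagecolor_self just before it, the pointer is read before the check can reject it. clif_messagecolor_self and clif_disp_overhead were both changed in this commit to declare the length first and compute it after the checks; this function should get the same split, i.e. a bare declaration of `msg_len` followed by `msg_len = strlen(msg) + 1;` below `nullpo_retv(msg);`. The start of the function is outside the hunk, so this needs confirming against the full file.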
@@ -8614,7 +8768,11 @@ void clif_gospel_info(struct map_session_data *sd, int type) /// 40 = Target HP : void clif_starskill(struct map_session_data* sd, const char* mapname, int monster_id, unsigned char star, unsigned char result) { - int fd = sd->fd; + int fd; + + nullpo_retv(sd); + nullpo_retv(mapname); + fd = sd->fd; WFIFOHEAD(fd,packet_len(0x20e)); WFIFOW(fd,0) = 0x20e; @@ -8633,6 +8791,8 @@ void clif_feel_info(struct map_session_data* sd, unsigned char feel_level, unsig { char mapname[MAP_NAME_LENGTH_EXT]; + nullpo_retv(sd); + Assert_retv(feel_level < MAX_PC_FEELHATE); mapindex->getmapname_ext(mapindex_id2name(sd->feel_map[feel_level].index), mapname); clif->starskill(sd, mapname, 0, feel_level, type ? 1 : 0); } @@ -8725,7 +8885,7 @@ void clif_viewequip_ack(struct map_session_data* sd, struct map_session_data* ts if (tsd->status.inventory[k].nameid <= 0 || tsd->inventory_data[k] == NULL) // Item doesn't exist continue; - clif_item_equip(k+2,&viewequip_list.list[equip++],&tsd->status.inventory[k],tsd->inventory_data[k],pc->equippoint(tsd,k)); + clif->item_equip(k+2,&viewequip_list.list[equip++],&tsd->status.inventory[k],tsd->inventory_data[k],pc->equippoint(tsd,k)); } } @@ -8808,7 +8968,10 @@ void clif_msgtable_num(struct map_session_data *sd, unsigned short msg_id, int v */ void clif_msgtable_skill(struct map_session_data* sd, uint16 skill_id, int msg_id) { - int fd = sd->fd; + int fd; + + nullpo_retv(sd); + fd = sd->fd; WFIFOHEAD(fd, packet_len(0x7e6)); WFIFOW(fd,0) = 0x7e6; @@ -8827,6 +8990,12 @@ bool clif_process_message(struct map_session_data *sd, int format, char **name_, size_t namelen, messagelen; int fd = sd->fd; + nullpo_retr(false, sd); + nullpo_retr(false, name_); + nullpo_retr(false, namelen_); + nullpo_retr(false, message_); + nullpo_retr(false, messagelen_); + *name_ = NULL; *namelen_ = 0; *message_ = NULL; 
@@ -8914,10 +9083,17 @@ bool clif_process_message(struct map_session_data *sd, int format, char **name_, void clif_channel_msg(struct channel_data *chan, struct map_session_data *sd, char *msg) { - DBIterator *iter = db_iterator(chan->users); + DBIterator *iter; struct map_session_data *user; - unsigned short msg_len = strlen(msg) + 1; - uint32 color = channel->config->colors[chan->color]; + unsigned short msg_len; + uint32 color; + + nullpo_retv(chan); + nullpo_retv(sd); + nullpo_retv(msg); + iter = db_iterator(chan->users); + msg_len = strlen(msg) + 1; + color = channel->config->colors[chan->color]; WFIFOHEAD(sd->fd,msg_len + 12); WFIFOW(sd->fd,0) = 0x2C1; @@ -8941,11 +9117,17 @@ void clif_channel_msg(struct channel_data *chan, struct map_session_data *sd, ch void clif_channel_msg2(struct channel_data *chan, char *msg) { - DBIterator *iter = db_iterator(chan->users); + DBIterator *iter; struct map_session_data *user; unsigned char buf[210]; - unsigned short msg_len = strlen(msg) + 1; - uint32 color = channel->config->colors[chan->color]; + unsigned short msg_len; + uint32 color; + + nullpo_retv(chan); + nullpo_retv(msg); + iter = db_iterator(chan->users); + msg_len = strlen(msg) + 1; + color = channel->config->colors[chan->color]; WBUFW(buf,0) = 0x2C1; WBUFW(buf,2) = msg_len + 12; @@ -9043,9 +9225,10 @@ void clif_parse_WantToConnection(int fd, struct map_session_data* sd) { chrif->authreq(sd,false); } +void clif_parse_LoadEndAck(int fd, struct map_session_data *sd) __attribute__((nonnull (2))); /// Notification from the client, that it has finished map loading and is about to display player's character (CZ_NOTIFY_ACTORINIT). /// 007d -void clif_parse_LoadEndAck(int fd,struct map_session_data *sd) { +void clif_parse_LoadEndAck(int fd, struct map_session_data *sd) { bool first_time = false; if(sd->bl.prev != NULL) @@ -9405,7 +9588,10 @@ void clif_parse_LoadEndAck(int fd,struct map_session_data *sd) { /// Server's tick (ZC_NOTIFY_TIME). /// 007f
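Review bot: In clif_channel_msg2 `msg_len` comes straight from `strlen(msg) + 1` and is used to fill a fixed `unsigned char buf[210]` packet, but the visible lines put no bound on it; storing it in an `unsigned short` also truncates very long input silently. The copy into `buf` is outside the hunk, so confirm there is no later check, but clif_messagecolor guards the equivalent case with `msg_len > sizeof(buf)-12` and this function should do the same. Since the commit is about adding missing checks, I would compute the length before creating the iterator and add `Assert_retv(msg_len <= sizeof(buf) - 12);` there, so an early return cannot leave `iter` unreleased. clif_channel_msg uses the same `unsigned short` length for its `WFIFOHEAD` size and deserves the same look.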
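Review bot: The new prototype for clif_parse_LoadEndAck marks `sd` with `__attribute__((nonnull (2)))` instead of the `nullpo_retv(sd);` used everywhere else in this commit, and the body still reads `sd->bl.prev` as its first statement. The attribute is a promise to the compiler, not a runtime check: it only diagnoses literal NULL arguments at compile time and lets the optimiser remove any later `sd == NULL` test in the function. If that is intended, it should be documented next to the prototype, for instance `/* sd is never NULL here: the packet dispatcher only calls parse handlers with a valid session */`, after confirming that this is what the caller guarantees. The function body continues well past the end of the hunk.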