From 4a9c55a77daa478b9f994d5a1b06619104b82982 Mon Sep 17 00:00:00 2001
From: Haru
Date: Tue, 20 Aug 2013 18:55:56 +0200
Subject: Fixed a mapserver crash when using instanced maps with custom names
- Fixes bugreport:7658 (thanks to purityz) http://hercules.ws/board/tracker/issue-7658-instance-mapserver-crashing/
- The crash was caused by a pointer becoming invalid when reallocating map[] (i.e. when adding maps), since 20bdc01f
Signed-off-by: Haru
---
 src/map/clif.c | 6 +++---
 src/map/instance.c | 2 +-
 src/map/map.h | 3 +--
 src/map/pc.c | 6 +++---
 4 files changed, 8 insertions(+), 9 deletions(-)
(limited to 'src/map')
diff --git a/src/map/clif.c b/src/map/clif.c
index 0d78ca488..2275f7bfe 100644
--- a/src/map/clif.c
+++ b/src/map/clif.c
@@ -1633,7 +1633,7 @@ void clif_changemap(struct map_session_data *sd, short m, int x, int y) {
 WFIFOHEAD(fd,packet_len(0x91));
 WFIFOW(fd,0) = 0x91;
- mapindex_getmapname_ext(map[m].cName ? map[m].cName : map[m].name, (char*)WFIFOP(fd,2));
+ mapindex_getmapname_ext(map[m].custom_name ? map[map[m].instance_src_map].name : map[m].name, (char*)WFIFOP(fd,2));
 WFIFOW(fd,18) = x;
 WFIFOW(fd,20) = y;
 WFIFOSET(fd,packet_len(0x91));
@@ -4568,7 +4568,7 @@ void clif_changemapcell(int fd, int16 m, int x, int y, int type, enum send_targe
 WBUFW(buf,2) = x;
 WBUFW(buf,4) = y;
 WBUFW(buf,6) = type;
- mapindex_getmapname_ext(map[m].cName ? map[m].cName : map[m].name,(char*)WBUFP(buf,8));
+ mapindex_getmapname_ext(map[m].custom_name ? map[map[m].instance_src_map].name : map[m].name,(char*)WBUFP(buf,8));
 if( fd ) {
 WFIFOHEAD(fd,packet_len(0x192));
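Review bot: The new lookup `map[map[m].instance_src_map].name` in clif_changemap indexes map[] a second time with a value that is not range-checked anywhere in the hunk, so the map name written to the packet now depends on instance_src_map being a valid index whenever custom_name is set. Storing an index instead of a pointer removes the dangling reference left behind when map[] is reallocated, but a stale or unset source index would turn into an out-of-bounds read copied into the client packet. The same expression is repeated in clif_changemapcell (next hunk) and clif_party_member_info (third clif.c hunk); one static helper that takes the map index, validates the source index against the current number of maps and otherwise falls back to `map[m].name` would keep the three call sites consistent. Both functions continue outside their hunks, so a check on `m` itself may exist where it is not shown.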
@@ -6524,7 +6524,7 @@ void clif_party_member_info(struct party_data *p, struct map_session_data *sd)
 WBUFB(buf,14) = (p->party.member[i].online)?0:1;
 memcpy(WBUFP(buf,15), p->party.name, NAME_LENGTH);
 memcpy(WBUFP(buf,39), sd->status.name, NAME_LENGTH);
- mapindex_getmapname_ext(map[sd->bl.m].cName ? map[sd->bl.m].cName : map[sd->bl.m].name, (char*)WBUFP(buf,63));
+ mapindex_getmapname_ext(map[sd->bl.m].custom_name ? map[map[sd->bl.m].instance_src_map].name : map[sd->bl.m].name, (char*)WBUFP(buf,63));
 WBUFB(buf,79) = (p->party.item&1)?1:0;
 WBUFB(buf,80) = (p->party.item&2)?1:0;
 clif->send(buf,packet_len(0x1e9),&sd->bl,PARTY);
diff --git a/src/map/instance.c b/src/map/instance.c
index 84c0bd8e2..4e145fb8f 100644
--- a/src/map/instance.c
+++ b/src/map/instance.c
@@ -179,7 +179,7 @@ int instance_add_map(const char *name, int instance_id, bool usebasename, const
 memcpy( &map[im], &map[m], sizeof(struct map_data) ); // Copy source map
 if( map_name != NULL ) {
 snprintf(map[im].name, MAP_NAME_LENGTH, "%s", map_name);
- map[im].cName = map[m].name;
+ map[im].custom_name = true;
 } else snprintf(map[im].name, MAP_NAME_LENGTH, (usebasename ? "%.3d#%s" : "%.3d%s"), instance_id, name); // Generate Name for Instance Map
 map[im].index = mapindex_addmap(-1, map[im].name); // Add map index
diff --git a/src/map/map.h b/src/map/map.h
index d372a68b6..266d0ccde 100644
--- a/src/map/map.h
+++ b/src/map/map.h
@@ -677,8 +677,7 @@ struct map_data {
 /* long_damage_rate mapflag */
 unsigned short long_damage_rate;
- /* instance unique name */
- char *cName;
+ bool custom_name; ///< Whether the instanced map is using a custom name
 /* */
 int (*getcellp)(struct map_data* m,int16 x,int16 y,cell_chk cellchk);
diff --git a/src/map/pc.c b/src/map/pc.c
index 13e2ec8d2..044e55508 100644
--- a/src/map/pc.c
+++ b/src/map/pc.c
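Review bot: `map[im].custom_name` is assigned only in the `map_name != NULL` branch of instance_add_map; in the else branch the flag keeps whatever the preceding `memcpy` copied from `map[m]`. That is presumably false for a regular source map, but clif.c now follows `instance_src_map` whenever the flag is set, so making the state explicit is cheap: `map[im].custom_name = (map_name != NULL);` directly after the memcpy. The assignment of `instance_src_map` for the new instance is not visible in this hunk and should be confirmed to happen before the map can be sent to a client. The function body continues outside the hunk.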
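Review bot: The doc comment on `custom_name` in struct map_data does not say where the client-visible name now comes from or why the old pointer was dropped, which is what a later change needs to know to avoid reintroducing the dangling reference. I would extend it to something like `bool custom_name; ///< Instanced map uses a custom name; client name is map[instance_src_map].name (do not cache pointers into map[], it is reallocated when maps are added)`. Replacing `char *cName` with a `bool` also changes the layout of struct map_data, so anything compiled separately against the old header (plugins, if this tree supports them) would need a rebuild. The struct continues outside the hunk.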
@@ -4822,7 +4822,7 @@ int pc_setpos(struct map_session_data* sd, unsigned short mapindex, int x, int y
 if( sd->instances ) {
 for( i = 0; i < sd->instances; i++ ) {
 if( sd->instance[i] >= 0 ) {
- ARR_FIND(0, instances[sd->instance[i]].num_map, j, map[instances[sd->instance[i]].map[j]].instance_src_map == m && !map[instances[sd->instance[i]].map[j]].cName);
+ ARR_FIND(0, instances[sd->instance[i]].num_map, j, map[instances[sd->instance[i]].map[j]].instance_src_map == m && !map[instances[sd->instance[i]].map[j]].custom_name);
 if( j != instances[sd->instance[i]].num_map ) break;
 }
@@ -4836,7 +4836,7 @@ int pc_setpos(struct map_session_data* sd, unsigned short mapindex, int x, int y
 if ( !stop && sd->status.party_id && (p = party->search(sd->status.party_id)) && p->instances ) {
 for( i = 0; i < p->instances; i++ ) {
 if( p->instance[i] >= 0 ) {
- ARR_FIND(0, instances[p->instance[i]].num_map, j, map[instances[p->instance[i]].map[j]].instance_src_map == m && !map[instances[p->instance[i]].map[j]].cName);
+ ARR_FIND(0, instances[p->instance[i]].num_map, j, map[instances[p->instance[i]].map[j]].instance_src_map == m && !map[instances[p->instance[i]].map[j]].custom_name);
 if( j != instances[p->instance[i]].num_map ) break;
 }
@@ -4850,7 +4850,7 @@ int pc_setpos(struct map_session_data* sd, unsigned short mapindex, int x, int y
 if ( !stop && sd->status.guild_id && sd->guild && sd->guild->instances ) {
 for( i = 0; i < sd->guild->instances; i++ ) {
 if( sd->guild->instance[i] >= 0 ) {
- ARR_FIND(0, instances[sd->guild->instance[i]].num_map, j, map[instances[sd->guild->instance[i]].map[j]].instance_src_map == m && !map[instances[sd->guild->instance[i]].map[j]].cName);
+ ARR_FIND(0, instances[sd->guild->instance[i]].num_map, j, map[instances[sd->guild->instance[i]].map[j]].instance_src_map == m && !map[instances[sd->guild->instance[i]].map[j]].custom_name);
 if( j != instances[sd->guild->instance[i]].num_map ) break;
 }
--
cgit v1.2.3-70-g09d2