From d0725afa8363b5f7b0612e087b48013d39339039 Mon Sep 17 00:00:00 2001 From: shennetsind Date: Sun, 18 Jan 2015 11:37:45 -0200 Subject: Fixing 38 issues Addressing out of bounds read/write, pointless null checks on already deferenced variables, dead code. Special Thanks to 4144 and Haruna! Signed-off-by: shennetsind --- src/char/char.c | 4 ++-- src/common/console.c | 2 +- src/common/mapindex.c | 3 ++- src/common/utils.c | 21 ++++++++++++--------- src/map/atcommand.c | 23 ++++++++++++----------- src/map/battle.c | 8 +++++++- src/map/chrif.c | 4 ++-- src/map/clif.c | 6 +++++- src/map/duel.c | 2 +- src/map/elemental.c | 1 + src/map/intif.c | 3 --- src/map/map.c | 6 +++--- src/map/npc.c | 3 +-- src/map/pc.c | 34 +++++++++++++++++----------------- src/map/pet.c | 2 +- src/map/script.c | 16 +++++++--------- src/map/skill.c | 30 +++++++++++++++++++++--------- src/map/status.c | 14 +++++++++----- src/map/trade.c | 8 ++++---- src/tool/mapcache.c | 6 +++--- 20 files changed, 111 insertions(+), 85 deletions(-) (limited to 'src') diff --git a/src/char/char.c b/src/char/char.c index 1d9d1d65c..3d328efa9 100644 --- a/src/char/char.c +++ b/src/char/char.c @@ -3009,12 +3009,12 @@ void char_send_maps(int fd, int id, int j) // Transmitting the maps of the other map-servers to the new map-server for(x = 0; x < ARRAYLENGTH(chr->server); x++) { if (chr->server[x].fd > 0 && x != id) { - WFIFOHEAD(fd,10 +4*ARRAYLENGTH(chr->server[x].map)); + WFIFOHEAD(fd,10 +4*chr->server[x].maps); WFIFOW(fd,0) = 0x2b04; WFIFOL(fd,4) = htonl(chr->server[x].ip); WFIFOW(fd,8) = htons(chr->server[x].port); j = 0; - for(i = 0; i < ARRAYLENGTH(chr->server[x].map); i++) + for(i = 0; i < chr->server[x].maps; i++) if (chr->server[x].map[i]) WFIFOW(fd,10+(j++)*4) = chr->server[x].map[i]; if (j > 0) { diff --git a/src/common/console.c b/src/common/console.c index d9567a313..97ca0650e 100644 --- a/src/common/console.c +++ b/src/common/console.c @@ -382,7 +382,7 @@ void console_parse_sub(char *line) { return; } else cmd = cmd->u.next[i]; - len += snprintf(sublist + len,CP_CMD_LENGTH * 5,":%s", cmd->cmd); + len += snprintf(sublist + len,(CP_CMD_LENGTH * 5) - len,":%s", cmd->cmd); } ShowError("Is only a category, type '"CL_WHITE"%s help"CL_RESET"' to list its subcommands\n",sublist); } diff --git a/src/common/mapindex.c b/src/common/mapindex.c index 0d8a69726..2264721fa 100644 --- a/src/common/mapindex.c +++ b/src/common/mapindex.c @@ -48,7 +48,7 @@ const char* mapindex_getmapname_ext(const char* string, char* output) { size_t len; - strcpy(buf,string); + safestrncpy(buf,string, sizeof(buf)); sscanf(string, "%*[^#]%*[#]%15s", buf); len = safestrnlen(buf, MAP_NAME_LENGTH); @@ -154,6 +154,7 @@ int mapindex_init(void) { switch (sscanf(line, "%12s\t%d", map_name, &index)) { case 1: //Map with no ID given, auto-assign index = last_index+1; + /* Fall through */ case 2: //Map with ID given mapindex->addmap(index,map_name); total++; diff --git a/src/common/utils.c b/src/common/utils.c index 5688362de..5ede86296 100644 --- a/src/common/utils.c +++ b/src/common/utils.c @@ -19,6 +19,7 @@ #include "../common/mmo.h" #include "../common/showmsg.h" #include "../common/socket.h" +#include "../common/strlib.h" #ifdef WIN32 # include "../common/winapi.h" @@ -156,16 +157,18 @@ static char* checkpath(char *path, const char*srcpath) { // just make sure the char*path is not const char *p=path; - if(NULL!=path && NULL!=srcpath) - while(*srcpath) { - if (*srcpath=='\\') { - *p++ = '/'; - srcpath++; + + if(NULL!=path && NULL!=srcpath) { + while(*srcpath) { + if (*srcpath=='\\') { + *p++ = '/'; + srcpath++; + } + else + *p++ = *srcpath++; } - else - *p++ = *srcpath++; + *p = *srcpath; //EOS } - *p = *srcpath; //EOS return path; } @@ -177,7 +180,7 @@ void findfile(const char *p, const char *pat, void (func)(const char*)) char tmppath[MAX_DIR_PATH+1]; char path[MAX_DIR_PATH+1]= "."; const char *pattern = (pat==NULL)? "" : pat; - if(p!=NULL) strcpy(path,p); + if(p!=NULL) safestrncpy(path,p,sizeof(path)); // open the directory for reading dir = opendir( checkpath(path, path) ); diff --git a/src/map/atcommand.c b/src/map/atcommand.c index a947b8f47..f750b307a 100644 --- a/src/map/atcommand.c +++ b/src/map/atcommand.c @@ -6177,14 +6177,15 @@ ACMD(users) } mapit->free(iter); - // display results for each map - for( i = 0; i < MAX_MAPINDEX; ++i ) - { - if( users[i] == 0 ) - continue;// empty + if( users_all ) { + // display results for each map + for( i = 0; i < MAX_MAPINDEX; ++i ) { + if( users[i] == 0 ) + continue;// empty - safesnprintf(buf, sizeof(buf), "%s: %d (%.2f%%)", mapindex_id2name(i), users[i], (float)(100.0f*users[i]/users_all)); - clif->message(sd->fd, buf); + safesnprintf(buf, sizeof(buf), "%s: %d (%.2f%%)", mapindex_id2name(i), users[i], (float)(100.0f*users[i]/users_all)); + clif->message(sd->fd, buf); + } } // display overall count @@ -6616,7 +6617,7 @@ ACMD(mobinfo) sprintf(atcmd_output, msg_txt(1247), monster->mexp); // MVP Bonus EXP:%u clif->message(fd, atcmd_output); - strcpy(atcmd_output, msg_txt(1248)); // MVP Items: + safestrncpy(atcmd_output, msg_txt(1248), sizeof(atcmd_output)); // MVP Items: j = 0; for (i = 0; i < MAX_MVP_DROP; i++) { if (monster->mvpitem[i].nameid <= 0 || (item_data = itemdb->exists(monster->mvpitem[i].nameid)) == NULL) @@ -7086,12 +7087,12 @@ ACMD(iteminfo) clif->message(fd, atcmd_output); if (item_data->maxchance == -1) - strcpy(atcmd_output, msg_txt(1281)); // - Available in the shops only. + safestrncpy(atcmd_output, msg_txt(1281), sizeof(atcmd_output)); // - Available in the shops only. else if ( !battle_config.atcommand_mobinfo_type ) { if( item_data->maxchance ) sprintf(atcmd_output, msg_txt(1282), (float)item_data->maxchance / 100 ); // - Maximal monsters drop chance: %02.02f%% else - strcpy(atcmd_output, msg_txt(1283)); // - Monsters don't drop this item. + safestrncpy(atcmd_output, msg_txt(1283), sizeof(atcmd_output)); // - Monsters don't drop this item. } clif->message(fd, atcmd_output); @@ -7130,7 +7131,7 @@ ACMD(whodrops) clif->message(fd, atcmd_output); if (item_data->mob[0].chance == 0) { - strcpy(atcmd_output, msg_txt(1286)); // - Item is not dropped by mobs. + safestrncpy(atcmd_output, msg_txt(1286), sizeof(atcmd_output)); // - Item is not dropped by mobs. clif->message(fd, atcmd_output); } else { sprintf(atcmd_output, msg_txt(1287), MAX_SEARCH); // - Common mobs with highest drop chance (only max %d are listed): diff --git a/src/map/battle.c b/src/map/battle.c index f332dd330..a5090c641 100644 --- a/src/map/battle.c +++ b/src/map/battle.c @@ -749,7 +749,8 @@ int64 battle_calc_masteryfix(struct block_list *src, struct block_list *target, #endif case RA_WUGDASH://(Caster Current Weight x 10 / 8) if( sd->weight ) - damage += sd->weight / 8 ; + damage += sd->weight / 8; + /* Fall through */ case RA_WUGSTRIKE: case RA_WUGBITE: damage += 30*pc->checkskill(sd, RA_TOOTHOFWUG); @@ -1508,6 +1509,7 @@ int battle_calc_skillratio(int attack_type, struct block_list *src, struct block if ( sd && sd->spiritcharm[SPIRITS_TYPE_CHARM_WATER] > 0 ) skillratio += 5 * sd->spiritcharm[SPIRITS_TYPE_CHARM_WATER]; #endif + /* Fall through */ case NJ_HYOUSYOURAKU: skillratio += 50 * skill_lv; if ( sd && sd->spiritcharm[SPIRITS_TYPE_CHARM_WATER] > 0 ) @@ -1521,6 +1523,7 @@ int battle_calc_skillratio(int attack_type, struct block_list *src, struct block case NJ_KAMAITACHI: if ( sd && sd->spiritcharm[SPIRITS_TYPE_CHARM_WIND] > 0 ) skillratio += 10 * sd->spiritcharm[SPIRITS_TYPE_CHARM_WIND]; + /* Fall through */ case NPC_ENERGYDRAIN: skillratio += 100 * skill_lv; break; @@ -2459,6 +2462,7 @@ int battle_calc_skillratio(int attack_type, struct block_list *src, struct block break; case GN_SPORE_EXPLOSION: skillratio = 100 * skill_lv + (200 + st->int_) * status->get_lv(src) / 100; + /* Fall through */ case GN_CRAZYWEED_ATK: skillratio += 400 + 100 * skill_lv; break; @@ -3521,6 +3525,7 @@ struct Damage battle_calc_magic_attack(struct block_list *src,struct block_list ad.flag = BF_WEAPON|BF_SHORT; ad.type = 0; } + /* Fall through */ default: MATK_RATE(battle->calc_skillratio(BF_MAGIC, src, target, skill_id, skill_lv, skillratio, mflag)); } @@ -4806,6 +4811,7 @@ struct Damage battle_calc_weapon_attack(struct block_list *src,struct block_list } wd.damage = battle->calc_masteryfix(src, target, skill_id, skill_lv, wd.damage, wd.div_, 0, flag.weapon); } + /* Fall through */ #endif default: ATK_RATE(battle->calc_skillratio(BF_WEAPON, src, target, skill_id, skill_lv, skillratio, wflag)); diff --git a/src/map/chrif.c b/src/map/chrif.c index a5003ab95..153216cef 100644 --- a/src/map/chrif.c +++ b/src/map/chrif.c @@ -952,14 +952,14 @@ void chrif_idbanned(int fd) { time_t timestamp; char tmpstr[2048]; timestamp = (time_t)RFIFOL(fd,7); // status or final date of a banishment - strcpy(tmpstr, msg_txt(423)); //"Your account has been banished until " + safestrncpy(tmpstr, msg_txt(423), sizeof(tmpstr)); //"Your account has been banished until " strftime(tmpstr + strlen(tmpstr), 24, "%d-%m-%Y %H:%M:%S", localtime(×tamp)); clif->message(sd->fd, tmpstr); } else if (RFIFOB(fd,6) == 2) { // 2: change of status for character time_t timestamp; char tmpstr[2048]; timestamp = (time_t)RFIFOL(fd,7); // status or final date of a banishment - strcpy(tmpstr, msg_txt(433)); //"This character has been banned until " + safestrncpy(tmpstr, msg_txt(433), sizeof(tmpstr)); //"This character has been banned until " strftime(tmpstr + strlen(tmpstr), 24, "%d-%m-%Y %H:%M:%S", localtime(×tamp)); clif->message(sd->fd, tmpstr); } diff --git a/src/map/clif.c b/src/map/clif.c index ae6b6d939..57e01278b 100644 --- a/src/map/clif.c +++ b/src/map/clif.c @@ -404,6 +404,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target case AREA_WOSC: if (sd && bl->prev == NULL) //Otherwise source misses the packet.[Skotlex] clif->send (buf, len, bl, SELF); + /* Fall through */ case AREA_WOC: case AREA_WOS: map->foreachinarea(clif->send_sub, bl->m, bl->x-AREA_SIZE, bl->y-AREA_SIZE, bl->x+AREA_SIZE, bl->y+AREA_SIZE, @@ -443,6 +444,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target y0 = bl->y - AREA_SIZE; x1 = bl->x + AREA_SIZE; y1 = bl->y + AREA_SIZE; + /* Fall through */ case PARTY: case PARTY_WOS: case PARTY_SAMEMAP: @@ -518,6 +520,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target y0 = bl->y - AREA_SIZE; x1 = bl->x + AREA_SIZE; y1 = bl->y + AREA_SIZE; + /* Fall through */ case GUILD_SAMEMAP: case GUILD_SAMEMAP_WOS: case GUILD: @@ -569,6 +572,7 @@ bool clif_send(const void* buf, int len, struct block_list* bl, enum send_target y0 = bl->y - AREA_SIZE; x1 = bl->x + AREA_SIZE; y1 = bl->y + AREA_SIZE; + /* Fall through */ case BG_SAMEMAP: case BG_SAMEMAP_WOS: case BG: @@ -5629,7 +5633,7 @@ void clif_displaymessage2(const int fd, const char* mes) { nullpo_retv(mes); //Scrapped, as these are shared by disconnected players =X [Skotlex] - if (fd == 0) + if (fd == 0 && !map->cpsd_active) ; else { // Limit message to 255+1 characters (otherwise it causes a buffer overflow in the client) diff --git a/src/map/duel.c b/src/map/duel.c index 98fa91d3e..964ef9e11 100644 --- a/src/map/duel.c +++ b/src/map/duel.c @@ -89,7 +89,7 @@ int duel_create(struct map_session_data* sd, const unsigned int maxpl) { duel->list[i].invites_count = 0; duel->list[i].max_players_limit = maxpl; - strcpy(output, msg_txt(372)); // " -- Duel has been created (@invite/@leave) --" + safestrncpy(output, msg_txt(372), sizeof(output)); // " -- Duel has been created (@invite/@leave) --" clif_disp_onlyself(sd, output, strlen(output)); clif->map_property(sd, MAPPROPERTY_FREEPVPZONE); diff --git a/src/map/elemental.c b/src/map/elemental.c index 50d6c34b3..a21c128b0 100644 --- a/src/map/elemental.c +++ b/src/map/elemental.c @@ -631,6 +631,7 @@ int elemental_ai_sub_timer_activesearch(struct block_list *bl, va_list ap) { case BL_PC: if( !map_flag_vs(ed->bl.m) ) return 0; + /* Fall through */ default: dist = distance_bl(&ed->bl, bl); if( ((*target) == NULL || !check_distance_bl(&ed->bl, *target, dist)) && battle->check_range(&ed->bl,bl,ed->db->range2) ) { //Pick closest target? diff --git a/src/map/intif.c b/src/map/intif.c index 73fb648ae..aac04df33 100644 --- a/src/map/intif.c +++ b/src/map/intif.c @@ -1248,9 +1248,6 @@ void intif_parse_GuildBasicInfoChanged(int fd) { int idx, max; struct guild_skill *gs = (struct guild_skill *)RFIFOP(fd,10); - if( gs == NULL ) - return; - idx = gs->id - GD_SKILLBASE; max = guild->skill_get_max(gs->id); if( gs->lv > max ) diff --git a/src/map/map.c b/src/map/map.c index 7eafde9dc..640dd0ce1 100644 --- a/src/map/map.c +++ b/src/map/map.c @@ -3353,10 +3353,10 @@ int map_waterheight(char* mapname) char *rsw, *found; //Look up for the rsw - sprintf(fn, "data\\%s.rsw", mapname); + snprintf(fn, sizeof(fn), "data\\%s.rsw", mapname); - found = grfio_find_file(fn); - if (found) strcpy(fn, found); // replace with real name + if ( (found = grfio_find_file(fn)) ) + safestrncpy(fn, found, sizeof(fn)); // replace with real name // read & convert fn rsw = (char *) grfio_read (fn); diff --git a/src/map/npc.c b/src/map/npc.c index 38ba9ae41..c00094f8c 100644 --- a/src/map/npc.c +++ b/src/map/npc.c @@ -3876,7 +3876,7 @@ const char* npc_parse_mapflag(char* w1, char* w2, char* w3, char* w4, const char map->list[m].flag.nomvploot=state; else if (!strcmpi(w3,"nocommand")) { if (state) { - if (sscanf(w4, "%d", &state) == 1) + if (w4 && sscanf(w4, "%d", &state) == 1) map->list[m].nocommand =state; else //No level specified, block everyone. map->list[m].nocommand =100; @@ -4113,7 +4113,6 @@ int npc_parsesrcfile(const char* filepath, bool runOnInit) { // More info at http://unicode.org/faq/utf_bom.html#bom5 and http://en.wikipedia.org/wiki/Byte_order_mark#UTF-8 ShowError("npc_parsesrcfile: Detected unsupported UTF-8 BOM in file '%s'. Stopping (please consider using another character set.)\n", filepath); aFree(buffer); - fclose(fp); return EXIT_FAILURE; } diff --git a/src/map/pc.c b/src/map/pc.c index 6e9cc1e7a..09194fbab 100644 --- a/src/map/pc.c +++ b/src/map/pc.c @@ -4265,6 +4265,7 @@ int pc_isUseitem(struct map_session_data *sd,int n) case ITEMID_ANODYNE: if( map_flag_gvg2(sd->bl.m) ) return 0; + /* Fall through */ case ITEMID_ALOEBERA: if( pc_issit(sd) ) return 0; @@ -4275,6 +4276,7 @@ int pc_isUseitem(struct map_session_data *sd,int n) clif->skill_mapinfomessage(sd,0); return 0; } + /* Fall through */ case ITEMID_WING_OF_BUTTERFLY: case ITEMID_DUN_TELE_SCROLL1: case ITEMID_DUN_TELE_SCROLL2: @@ -9046,22 +9048,20 @@ int pc_equipitem(struct map_session_data *sd,int n,int req_pos) status_calc_pc(sd,SCO_NONE); if (flag) //Update skill data clif->skillinfoblock(sd); - + //OnEquip script [Skotlex] - if (id) { - if (id->equip_script) - script->run(id->equip_script,0,sd->bl.id,npc->fake_nd->bl.id); - if(itemdb_isspecial(sd->status.inventory[n].card[0])) - ; //No cards - else { - for( i = 0; i < id->slot; i++ ) { - struct item_data *data; - if (!sd->status.inventory[n].card[i]) - continue; - if ( ( data = itemdb->exists(sd->status.inventory[n].card[i]) ) != NULL ) { - if( data->equip_script ) - script->run(data->equip_script,0,sd->bl.id,npc->fake_nd->bl.id); - } + if (id->equip_script) + script->run(id->equip_script,0,sd->bl.id,npc->fake_nd->bl.id); + if(itemdb_isspecial(sd->status.inventory[n].card[0])) + ; //No cards + else { + for( i = 0; i < id->slot; i++ ) { + struct item_data *data; + if (!sd->status.inventory[n].card[i]) + continue; + if ( ( data = itemdb->exists(sd->status.inventory[n].card[i]) ) != NULL ) { + if( data->equip_script ) + script->run(data->equip_script,0,sd->bl.id,npc->fake_nd->bl.id); } } } @@ -9709,7 +9709,7 @@ int map_day_timer(int tid, int64 tick, int id, intptr_t data) { map->night_flag = 0; // 0=day, 1=night [Yor] map->foreachpc(pc->daynight_timer_sub); - strcpy(tmp_soutput, (data == 0) ? msg_txt(502) : msg_txt(60)); // The day has arrived! + safestrncpy(tmp_soutput, (data == 0) ? msg_txt(502) : msg_txt(60), sizeof(tmp_soutput)); // The day has arrived! intif->broadcast(tmp_soutput, strlen(tmp_soutput) + 1, BC_DEFAULT); return 0; } @@ -9729,7 +9729,7 @@ int map_night_timer(int tid, int64 tick, int id, intptr_t data) { map->night_flag = 1; // 0=day, 1=night [Yor] map->foreachpc(pc->daynight_timer_sub); - strcpy(tmp_soutput, (data == 0) ? msg_txt(503) : msg_txt(59)); // The night has fallen... + safestrncpy(tmp_soutput, (data == 0) ? msg_txt(503) : msg_txt(59), sizeof(tmp_soutput)); // The night has fallen... intif->broadcast(tmp_soutput, strlen(tmp_soutput) + 1, BC_DEFAULT); return 0; } diff --git a/src/map/pet.c b/src/map/pet.c index 71dd39401..3d155b179 100644 --- a/src/map/pet.c +++ b/src/map/pet.c @@ -1177,7 +1177,7 @@ int read_petdb() if( pet->db[j].equip_script ) { script->free_code(pet->db[j].equip_script); - pet->db[j].pet_script = NULL; + pet->db[j].equip_script = NULL; } } diff --git a/src/map/script.c b/src/map/script.c index 549d3c269..828e02ab1 100644 --- a/src/map/script.c +++ b/src/map/script.c @@ -5372,6 +5372,7 @@ BUILDIN(warpparty) //"SavePoint" uses save point of the currently attached player if (( sd = script->rid2sd(st) ) == NULL ) return true; + /* Fall through */ default: map_index = 0; break; @@ -6774,7 +6775,7 @@ BUILDIN(grouprandomitem) { *------------------------------------------*/ BUILDIN(makeitem) { - int nameid,amount,flag = 0; + int nameid,amount; int x,y,m; const char *mapname; struct item item_tmp; @@ -6813,12 +6814,9 @@ BUILDIN(makeitem) memset(&item_tmp,0,sizeof(item_tmp)); - item_tmp.nameid=nameid; - if(!flag) - item_tmp.identify=1; - else - item_tmp.identify=itemdb->isidentified2(item_data); - + item_tmp.nameid = nameid; + item_tmp.identify=1; + map->addflooritem(&item_tmp,amount,m,x,y,0,0,0,0); return true; @@ -8719,7 +8717,7 @@ BUILDIN(setmount) option = ( flag == SETMOUNT_TYPE_DRAGON_GREEN ? OPTION_DRAGON1 : flag == SETMOUNT_TYPE_DRAGON_BROWN ? OPTION_DRAGON2 : flag == SETMOUNT_TYPE_DRAGON_GRAY ? OPTION_DRAGON3 : - flag == SETMOUNT_TYPE_DRAGON_RED ? OPTION_DRAGON4 : + flag == SETMOUNT_TYPE_DRAGON_BLUE ? OPTION_DRAGON4 : flag == SETMOUNT_TYPE_DRAGON_RED ? OPTION_DRAGON5 : OPTION_DRAGON1); // default value pc->setridingdragon(sd, option); @@ -14600,7 +14598,7 @@ BUILDIN(sscanf) { buf_p = reference_getname(data); if(not_server_variable(*buf_p) && (sd = script->rid2sd(st))==NULL) { script_pushint(st, -1); - if(buf) aFree(buf); + aFree(buf); if(ref_str) aFree(ref_str); return true; } diff --git a/src/map/skill.c b/src/map/skill.c index 6328959d7..6b0c99522 100644 --- a/src/map/skill.c +++ b/src/map/skill.c @@ -583,12 +583,13 @@ int skillnotok_hom(uint16 skill_id, struct homun_data *hd) } break; case MH_GOLDENE_FERSE: //can be used with angriff - if(hd->sc.data[SC_ANGRIFFS_MODUS]) - return 1; + if(hd->sc.data[SC_ANGRIFFS_MODUS]) + return 1; + /* Fall through */ case MH_ANGRIFFS_MODUS: - if(hd->sc.data[SC_GOLDENE_FERSE]) - return 1; - break; + if(hd->sc.data[SC_GOLDENE_FERSE]) + return 1; + break; } //Use master's criteria. @@ -806,6 +807,7 @@ int skill_additional_effect(struct block_list* src, struct block_list *bl, uint1 case AS_VENOMKNIFE: if (sd) //Poison chance must be that of Envenom. [Skotlex] skill_lv = pc->checkskill(sd, TF_POISON); + /* Fall through */ case TF_POISON: case AS_SPLASHER: if (!sc_start2(src,bl,SC_POISON,(4*skill_lv+10),skill_lv,src->id,skill->get_time2(skill_id,skill_lv)) @@ -1408,7 +1410,7 @@ int skill_additional_effect(struct block_list* src, struct block_list *bl, uint1 if (sd->def_set_race[tstatus->race].rate) status->change_start(src,bl, SC_DEFSET, sd->def_set_race[tstatus->race].rate, sd->def_set_race[tstatus->race].value, 0, 0, 0, sd->def_set_race[tstatus->race].tick, SCFLAG_FIXEDTICK); - if (sd->def_set_race[tstatus->race].rate) + if (sd->mdef_set_race[tstatus->race].rate) status->change_start(src,bl, SC_MDEFSET, sd->mdef_set_race[tstatus->race].rate, sd->mdef_set_race[tstatus->race].value, 0, 0, 0, sd->mdef_set_race[tstatus->race].tick, SCFLAG_FIXEDTICK); } @@ -2461,6 +2463,7 @@ int skill_attack(int attack_type, struct block_list* src, struct block_list *dsr break; case LG_OVERBRAND_BRANDISH: case LG_OVERBRAND: + /* Fall through */ dmg.amotion = status_get_amotion(src) * 2; case LG_OVERBRAND_PLUSATK: dmg.dmotion = clif->skill_damage(dsrc,bl,tick,status_get_amotion(src),dmg.dmotion,damage,dmg.div_,skill_id,-1,5); @@ -3666,6 +3669,7 @@ int skill_castend_damage_id(struct block_list* src, struct block_list *bl, uint1 case NC_PILEBUNKER: case NC_COLDSLOWER: if (sd) pc->overheat(sd,1); + /* Fall through */ case RK_WINDCUTTER: skill->attack(BF_WEAPON,src,src,bl,skill_id,skill_lv,tick,flag|SD_ANIMATION); break; @@ -3727,6 +3731,7 @@ int skill_castend_damage_id(struct block_list* src, struct block_list *bl, uint1 case NC_FLAMELAUNCHER: if (sd) pc->overheat(sd,1); + /* Fall through */ case SN_SHARPSHOOTING: case MA_SHARPSHOOTING: case NJ_KAMAITACHI: @@ -4188,6 +4193,7 @@ int skill_castend_damage_id(struct block_list* src, struct block_list *bl, uint1 case NPC_DARKBREATH: clif->emotion(src,E_AG); + /* Fall through */ case SN_FALCONASSAULT: case PA_PRESSURE: case CR_ACIDDEMONSTRATION: @@ -4877,6 +4883,7 @@ int skill_castend_id(int tid, int64 tick, int id, intptr_t data) { //These should become skill_castend_pos case WE_CALLPARTNER: if(sd) clif->callpartner(sd); + /* Fall through */ case WE_CALLPARENT: case WE_CALLBABY: case AM_RESURRECTHOMUN: @@ -6233,6 +6240,7 @@ int skill_castend_nodamage_id(struct block_list *src, struct block_list *bl, uin case SR_WINDMILL: case GN_CART_TORNADO: clif->skill_nodamage(src,bl,skill_id,skill_lv,1); + /* Fall through */ case SR_EARTHSHAKER: case NC_INFRAREDSCAN: case NPC_EARTHQUAKE: @@ -10419,7 +10427,7 @@ int skill_castend_pos2(struct block_list* src, int x, int y, uint16 skill_id, ui flag|=1; break; case HP_BASILICA: - if( sc->data[SC_BASILICA] ) + if( sc && sc->data[SC_BASILICA] ) status_change_end(src, SC_BASILICA, INVALID_TIMER); // Cancel Basilica else { // Create Basilica. Start SC on caster. Unit timer start SC on others. if( map->foreachinrange(skill_count_wos, src, 2, BL_MOB|BL_PC, src) ) { @@ -10448,6 +10456,7 @@ int skill_castend_pos2(struct block_list* src, int x, int y, uint16 skill_id, ui case SO_WARMER: flag|= 8; + /* Fall through */ case SO_CLOUD_KILL: skill->unitsetting(src,skill_id,skill_lv,x,y,0); break; @@ -10669,6 +10678,7 @@ int skill_castend_pos2(struct block_list* src, int x, int y, uint16 skill_id, ui case RK_WINDCUTTER: clif->skill_damage(src, src, tick, status_get_amotion(src), 0, -30000, 1, skill_id, skill_lv, 6); + /* Fall through */ case NC_COLDSLOWER: case RK_DRAGONBREATH: case RK_DRAGONBREATH_WATER: @@ -12624,6 +12634,7 @@ int skill_unit_onleft(uint16 skill_id, struct block_list *bl, int64 tick) { //your own. Let's pray that scenario is pretty unlikely and none will complain too much about it. status_change_end(bl, SC_DANCING, INVALID_TIMER); } + /* Fall through */ case MH_STEINWAND: case MG_SAFETYWALL: case AL_PNEUMA: @@ -14125,6 +14136,7 @@ int skill_check_condition_castend(struct map_session_data* sd, uint16 skill_id, case ITEMID_REPAIR_KIT: case ITEMID_MONKEY_SPANNER: cause = USESKILL_FAIL_NEED_EQUIPMENT; + /* Fall through */ default: clif->skill_fail(sd, skill_id, cause, max(1,require.amount[i])|(require.itemid[i] << 16)); return 0; @@ -14269,12 +14281,11 @@ struct skill_condition skill_get_requirement(struct map_session_data* sd, uint16 case KO_YAMIKUMO: if( sc && sc->data[status->skill2sc(skill_id)] ) return req; + /* Fall through */ default: - { if (skill->get_requirement_off_unknown(sc, &skill_id)) return req; break; - } } idx = skill->get_index(skill_id); @@ -17393,6 +17404,7 @@ int skill_produce_mix(struct map_session_data *sd, uint16 skill_id, int nameid, switch (skill_id) { case ASC_CDP: //25% Damage yourself, and display same effect as failed potion. status_percent_damage(NULL, &sd->bl, -25, 0, true); + /* Fall through */ case AM_PHARMACY: case AM_TWILIGHT1: case AM_TWILIGHT2: diff --git a/src/map/status.c b/src/map/status.c index 667d52dc2..e61c1df19 100644 --- a/src/map/status.c +++ b/src/map/status.c @@ -1541,12 +1541,12 @@ int status_fixed_revive(struct block_list *bl, unsigned int per_hp, unsigned int if(hp > st->max_hp - st->hp) hp = st->max_hp - st->hp; - else if (per_hp && !hp) + else if (!hp) hp = 1; if(sp > st->max_sp - st->sp) sp = st->max_sp - st->sp; - else if (per_sp && !sp) + else if (!sp) sp = 1; st->hp += hp; @@ -6576,6 +6576,7 @@ int status_get_sc_def(struct block_list *src, struct block_list *bl, enum sc_typ break; case SC_OBLIVIONCURSE: // 100% - (100 - 0.8 x INT) sc_def = st->int_*80; + /* Fall through */ case SC_TOXIN: case SC_PARALYSE: case SC_VENOMBLEED: @@ -8722,13 +8723,14 @@ int status_change_start(struct block_list *src, struct block_list *bl, enum sc_t val3 = 5 * val1 + val2;//Movement Speed And ASPD Increase break; case SC_SYMPHONY_LOVE: - val2 = 12 * val1 + val2 + sd->status.job_level / 4;//MDEF Increase In % + val2 = 12 * val1 + val2 + (sd ? sd->status.job_level : 70) / 4;//MDEF Increase In % + break; case SC_MOONLIT_SERENADE: case SC_RUSH_WINDMILL: - val2 = 6 * val1 + val2 + sd->status.job_level / 5; + val2 = 6 * val1 + val2 + (sd ? sd->status.job_level : 70) / 5; break; case SC_ECHOSONG: - val3 = 6 * val1 + val2 + sd->status.job_level / 4;//DEF Increase In % + val3 = 6 * val1 + val2 + (sd ? sd->status.job_level : 70) / 4;//DEF Increase In % break; case SC_HARMONIZE: val2 = 5 + 5 * val1; @@ -10306,6 +10308,7 @@ int status_change_end_(struct block_list* bl, enum sc_type type, int tid, const case SC_CLOAKING: case SC_CLOAKINGEXCEED: sc->option &= ~OPTION_CLOAK; + /* Fall through */ case SC_CAMOUFLAGE: opt_flag|= 2; break; @@ -11395,6 +11398,7 @@ int status_change_timer_sub(struct block_list* bl, va_list ap) { if( tsc && tsc->data[SC__SHADOWFORM] && (sce && sce->val4 >0 && sce->val4%2000 == 0) && // for every 2 seconds do the checking rnd()%100 < 100-tsc->data[SC__SHADOWFORM]->val1*10 ) // [100 - (Skill Level x 10)] % status_change_end(bl, SC__SHADOWFORM, INVALID_TIMER); + /* Fall through */ case SC_CONCENTRATION: status_change_end(bl, SC_HIDING, INVALID_TIMER); status_change_end(bl, SC_CLOAKING, INVALID_TIMER); diff --git a/src/map/trade.c b/src/map/trade.c index 4d6909957..46acb4e16 100644 --- a/src/map/trade.c +++ b/src/map/trade.c @@ -202,16 +202,16 @@ int impossible_trade_check(struct map_session_data *sd) index = sd->deal.item[i].index; if (inventory[index].amount < sd->deal.item[i].amount) { // if more than the player have -> hack - sprintf(message_to_gm, msg_txt(538), sd->status.name, sd->status.account_id); // Hack on trade: character '%s' (account: %d) try to trade more items that he has. + snprintf(message_to_gm, sizeof(message_to_gm), msg_txt(538), sd->status.name, sd->status.account_id); // Hack on trade: character '%s' (account: %d) try to trade more items that he has. intif->wis_message_to_gm(map->wisp_server_name, PC_PERM_RECEIVE_HACK_INFO, message_to_gm); - sprintf(message_to_gm, msg_txt(539), inventory[index].amount, inventory[index].nameid, sd->deal.item[i].amount); // This player has %d of a kind of item (id: %d), and try to trade %d of them. + snprintf(message_to_gm, sizeof(message_to_gm), msg_txt(539), inventory[index].amount, inventory[index].nameid, sd->deal.item[i].amount); // This player has %d of a kind of item (id: %d), and try to trade %d of them. intif->wis_message_to_gm(map->wisp_server_name, PC_PERM_RECEIVE_HACK_INFO, message_to_gm); // if we block people if (battle_config.ban_hack_trade < 0) { chrif->char_ask_name(-1, sd->status.name, 1, 0, 0, 0, 0, 0, 0); // type: 1 - block set_eof(sd->fd); // forced to disconnect because of the hack // message about the ban - strcpy(message_to_gm, msg_txt(540)); // This player has been definitively blocked. + safestrncpy(message_to_gm, msg_txt(540), sizeof(message_to_gm)); // This player has been definitively blocked. // if we ban people } else if (battle_config.ban_hack_trade > 0) { chrif->char_ask_name(-1, sd->status.name, 2, 0, 0, 0, 0, battle_config.ban_hack_trade, 0); // type: 2 - ban (year, month, day, hour, minute, second) @@ -220,7 +220,7 @@ int impossible_trade_check(struct map_session_data *sd) sprintf(message_to_gm, msg_txt(507), battle_config.ban_hack_trade); // This player has been banned for %d minute(s). } else // message about the ban - strcpy(message_to_gm, msg_txt(508)); // This player hasn't been banned (Ban option is disabled). + safestrncpy(message_to_gm, msg_txt(508), sizeof(message_to_gm)); // This player hasn't been banned (Ban option is disabled). intif->wis_message_to_gm(map->wisp_server_name, PC_PERM_RECEIVE_HACK_INFO, message_to_gm); return 1; diff --git a/src/tool/mapcache.c b/src/tool/mapcache.c index cfd05b0aa..2cc70ebf3 100644 --- a/src/tool/mapcache.c +++ b/src/tool/mapcache.c @@ -192,13 +192,13 @@ void process_args(int argc, char *argv[]) for(i = 0; i < argc; i++) { if(strcmp(argv[i], "-grf") == 0) { if(++i < argc) - strcpy(grf_list_file, argv[i]); + safestrncpy(grf_list_file, argv[i], sizeof(grf_list_file)); } else if(strcmp(argv[i], "-list") == 0) { if(++i < argc) - strcpy(map_list_file, argv[i]); + safestrncpy(map_list_file, argv[i], sizeof(map_list_file)); } else if(strcmp(argv[i], "-cache") == 0) { if(++i < argc) - strcpy(map_cache_file, argv[i]); + safestrncpy(map_cache_file, argv[i], sizeof(map_cache_file)); } else if(strcmp(argv[i], "-rebuild") == 0) rebuild = 1; } -- cgit v1.2.3-70-g09d2