User Name:


Forgot your password?
Vote for Us!
auth_update crash
Dec 23, 2017, 10:15 pm
By Remcon
Dec 18, 2017, 7:21 pm
By Remcon
parse description bug
Dec 15, 2017, 10:08 pm
By Remcon
Couple bugs
Dec 12, 2017, 5:42 pm
By Remcon
Bug in disarm( )
Nov 12, 2017, 6:54 pm
By GatewaySysop
LoP 1.46
Author: Remcon
Submitted by: Remcon
LOP 1.45
Author: Remcon
Submitted by: Remcon
LOP Heroes Edition
Author: Vladaar
Submitted by: Vladaar
Heroes sound extras
Author: Vladaar
Submitted by: Vladaar
6Dragons 4.3
Author: Vladaar
Submitted by: Vladaar
Users Online
CommonCrawl, Yandex, Yahoo!

Members: 0
Guests: 9
Newest Member
Today's Birthdays
There are no member birthdays today.
Related Links
» SmaugMuds.org » General » Smaug Snippets » Color snippet
Forum Rules | Mark all | Recent Posts

Color snippet
< Newer Topic :: Older Topic > potential crash

Pages:<< prev 1 next >>
Post is unread #1 Jul 2, 2004, 12:47 am   Last edited Nov 18, 2007, 4:51 pm by Samson
Go to the top of the page
Go to the bottom of the page

JoinedMar 5, 2005

Came across this, I haven't been able to test it on AFKmud or any other mud that currently uses the new ansi color code. But, since it happens on mine, there is a slight possibility that it happens else where.

K, the problem seems to be here:
     strncpy( code, ANSI_RESET, 20 ); /* Yes, this reset here is quite necessary to cancel out other things */
               if( ch )
        strncat( code, color_str( ch->desc->pagecolor, ch ), 20 );

This is in colorcode, which is called from
      if( colstr > prevstr )
         write_to_buffer( d, prevstr, ( colstr-prevstr ) );

      ln = colorcode( colstr, colbuf, d->character );
Now, the version in the snippet is different from mine, as mine seems to be old, it uses ch->desc, not d, but I think the principle still stands. If during write_to_buffer, the buffer exceeds 32000( see comm.c, write_to_buffer ), the player is disconnecting, desctroying their descriptor data. Now, there is a check:
   if ( !txt || !d->descriptor )
but it is before this section. So if this particular block is too much, d is destroyed, and then passed on to colorcode. The pointer exists, since this isn't C++ and we are not using references, so the d = NULL in close_connection doesn't close the pointer of d in this function. So this bad pointer may crash on d->character, since d is dead. However, in my version of the code, it gets to colorcode, since it is using ch->desc instead, but now ch->desc is invalid, and it tries to call ch->desc->pagecolor, causing a crash. This is hard to see, of course, since your character was just disconnected due to a buffer overflow, heh.

Dunno if this has been resolved in the current edition, but I was faithfully able to recreate and came up with a solution for my own code:
      if ( !ch->desc ) return;
                        ln = colorcode(colstr, colbuf, ch);
You can probably check for d alone there, but that seemed to clear up the crashing issue. Hope that helps someone. If this has been resolved, just lemme know, maybe its time I updated my color code, heh.
Pages:<< prev 1 next >>