Color snippet
potential crash
#1 Jul 2, 2004, 12:47 am   Last edited Nov 18, 2007, 4:51 pm by Samson
Greven
Magician
Group: Members
Posts: 204
Joined: Mar 5, 2005

Came across this, I haven't been able to test it on AFKmud or any other mud that currently uses the new ansi color code. But, since it happens on mine, there is a slight possibility that it happens elsewhere.

K, the problem seems to be here:
      strncpy( code, ANSI_RESET, 20 ); /* Yes, this reset here is quite necessary to cancel out other things */
      if( ch )
         strncat( code, color_str( ch->desc->pagecolor, ch ), 20 );
      break;
This is in colorcode, which is called from
      if( colstr > prevstr )
         write_to_buffer( d, prevstr, ( colstr-prevstr ) );

      ln = colorcode( colstr, colbuf, d->character );

Now, the version in the snippet is different from mine, as mine seems to be old, it uses ch->desc, not d, but I think the principle still stands. If during write_to_buffer, the buffer exceeds 32000 (see comm.c, write_to_buffer), the player is disconnected, destroying their descriptor data. Now, there is a check:
   if ( !txt || !d->descriptor )
but it is before this section. So if this particular block is too much, d is destroyed, and then passed on to colorcode. The pointer exists, since this isn't C++ and we are not using references, so the d = NULL in close_connection doesn't close the pointer of d in this function. So this bad pointer may crash on d->character, since d is dead. However, in my version of the code, it gets to colorcode, since it is using ch->desc instead, but now ch->desc is invalid, and it tries to call ch->desc->pagecolor, causing a crash. This is hard to see, of course, since your character was just disconnected due to a buffer overflow, heh.

Dunno if this has been resolved in the current edition, but I was faithfully able to recreate and came up with a solution for my own code:
      if ( !ch->desc ) return;
      ln = colorcode(colstr, colbuf, ch);
You can probably check for d alone there, but that seemed to clear up the crashing issue. Hope that helps someone. If this has been resolved, just lemme know, maybe it's time I updated my color code, heh.
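
The hazard described in the post, as an added example that is not part of the original post or the snippet's own code: a small C model in which write_to_buffer closes the connection on overflow and the sender re-checks ch->desc before dereferencing it. The struct layout, send_colored, and the fixed ANSI strings are assumptions made for illustration; the real close_connection also frees the descriptor, which this model leaves to the caller.

```c
#include <stddef.h>
#include <string.h>

#define MAX_OUT 32000   /* overflow limit cited in the post */

struct char_data;
struct descriptor { struct char_data *character; size_t outtop; int pagecolor; };
struct char_data  { struct descriptor *desc; };

/* Model of close_connection: detaches the descriptor from the character.
 * Assumption: storage is owned by the caller here, so nothing is freed. */
static void close_connection(struct descriptor *d)
{
    if (d->character) d->character->desc = NULL;
    d->character = NULL;
}

/* Model of write_to_buffer: an overflow disconnects the player. */
static void write_to_buffer(struct descriptor *d, const char *txt, size_t len)
{
    (void)txt;                       /* only the byte count matters in this model */
    if (d->outtop + len > MAX_OUT) { close_connection(d); return; }
    d->outtop += len;
}

/* Hypothetical sender: '&' plus one character is a color token.
 * Returns the number of tokens expanded, or -1 if the link closed mid-send. */
int send_colored(struct char_data *ch, const char *txt)
{
    const char *prev = txt, *col, *code;
    int tokens = 0;

    if (!ch || !ch->desc) return -1;
    while ((col = strchr(prev, '&')) != NULL && col[1] != '\0') {
        if (col > prev)
            write_to_buffer(ch->desc, prev, (size_t)(col - prev));
        if (!ch->desc) return -1;    /* the write above may have closed the link */
        code = ch->desc->pagecolor ? "\033[1m" : "\033[0m"; /* stands in for colorcode() */
        write_to_buffer(ch->desc, code, strlen(code));
        if (!ch->desc) return -1;    /* so may the color code itself */
        tokens++;
        prev = col + 2;
    }
    if (*prev) write_to_buffer(ch->desc, prev, strlen(prev));
    return ch->desc ? tokens : -1;
}
```

The check has to be repeated after every call that can close the connection, not only once at the top of the function, because the caller's copy of the pointer is not updated when the connection goes away.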