additonal oextra care

Be deliberately careful with copies taken of
oextra pointers and clear the pointer if it
truly is a redundant copy that will become
invalid if/when the original holder is deallocated.

diff --git a/src/apply.c b/src/apply.c
index 7a5c8d3237983eba3f09f962077a203081b35b18..cb3b7314a34588e1eb72f8a0feca5e939ed4896d 100644 (file)
--- a/src/apply.c
+++ b/src/apply.c
@@ -1,4 +1,4 @@
-/*     SCCS Id: @(#)apply.c    3.5     2005/12/05      */
+/*     SCCS Id: @(#)apply.c    3.5     2006/05/13      */
 /* Copyright (c) Stichting Mathematisch Centrum, Amsterdam, 1985. */
 /* NetHack may be freely redistributed.  See license for details. */
 
@@ -1997,6 +1997,9 @@ struct obj *tstone;
     if (obj->oclass == COIN_CLASS) {
        u.ugold += obj->quan;   /* keep botl up to date */
        goldobj = *obj;
+       goldobj.oextra = (struct oextra *)0; /* dealloc_obj(obj) will invalidate
+                                               the target of this copied ptr
+                                               here, so clear it out */
        dealloc_obj(obj);
        obj = &goldobj;
     }

diff --git a/src/artifact.c b/src/artifact.c
index 3b5ea3be79b4f32cb5b3ba98960db612c899fefc..44496631eaafc531dcd9b9e9c828b4d3fa259f41 100644 (file)
--- a/src/artifact.c
+++ b/src/artifact.c
@@ -1233,7 +1233,7 @@ arti_invoke(obj)
        case TAMING: {
            struct obj pseudo;
 
-           pseudo = zeroobj;   /* neither cursed nor blessed */
+           pseudo = zeroobj;   /* neither cursed nor blessed, zero oextra too */
            pseudo.otyp = SCR_TAMING;
            (void) seffects(&pseudo);
            break;

diff --git a/src/detect.c b/src/detect.c
index fb5c65932fcf1fc2ac0320015fd2dd15cc89c646..efda3fe48caf81f50fb62d0a8c0a3934f665d8f8 100644 (file)
--- a/src/detect.c
+++ b/src/detect.c
@@ -1,4 +1,4 @@
-/*     SCCS Id: @(#)detect.c   3.5     2005/11/09      */
+/*     SCCS Id: @(#)detect.c   3.5     2006/05/13      */
 /* Copyright (c) Stichting Mathematisch Centrum, Amsterdam, 1985. */
 /* NetHack may be freely redistributed.  See license for details. */
 
@@ -259,7 +259,7 @@ outgoldmap:
        if (findgold(mtmp->minvent) || monsndx(mtmp->data) == PM_GOLD_GOLEM) {
 #endif
            struct obj gold;
-
+           gold = zeroobj;             /* ensure oextra is cleared too */
            gold.otyp = GOLD_PIECE;
            gold.ox = mtmp->mx;
            gold.oy = mtmp->my;
@@ -540,6 +540,7 @@ int         class;          /* an object class, 0 for all */
                (!class || class == objects[mtmp->mappearance].oc_class)) {
            struct obj temp;
 
+           temp.oextra = (struct oextra *)0;
            temp.otyp = mtmp->mappearance;      /* needed for obj_to_glyph() */
            temp.ox = mtmp->mx;
            temp.oy = mtmp->my;
@@ -551,7 +552,7 @@ int         class;          /* an object class, 0 for all */
        } else if (findgold(mtmp->minvent) && (!class || class == COIN_CLASS)) {
 #endif
            struct obj gold;
-
+           gold = zeroobj;             /* ensure oextra is cleared too */
            gold.otyp = GOLD_PIECE;
            gold.ox = mtmp->mx;
            gold.oy = mtmp->my;
@@ -649,7 +650,9 @@ xchar x, y;
 int src_cursed;
 {
     if (Hallucination || src_cursed) {
-       struct obj obj;                 /* fake object */
+       struct obj obj;         /* fake object */
+
+       obj.oextra = (struct oextra *)0;
        if (trap) {
            obj.ox = trap->tx;
            obj.oy = trap->ty;

diff --git a/src/display.c b/src/display.c
index 4dd5fafc8fc67929a03d6184f5556b163cc32332..b9c7cf0e0966560e8d106560b0df743cb68c89a7 100644 (file)
--- a/src/display.c
+++ b/src/display.c
@@ -403,6 +403,7 @@ display_monster(x, y, mon, sightflags, worm_tail)
            case M_AP_OBJECT: {
                struct obj obj; /* Make a fake object to send   */
                                /* to map_object().             */
+               obj.oextra = (struct oextra *)0;
                obj.ox = x;
                obj.oy = y;
                obj.otyp = mon->mappearance;

diff --git a/src/music.c b/src/music.c
index 8ce9a7dbb4020bb5412c6770475648b7337f4b90..6e0124accc26d6e5430ae6b8cecf81bc4e63e233 100644 (file)
--- a/src/music.c
+++ b/src/music.c
@@ -403,6 +403,10 @@ struct obj *instr;
        struct obj itmp;
 
        itmp = *instr;
+       itmp.oextra = (struct oextra *)0;  /* ok on this copy as instr maintains
+                                             the ptr to free at some point if
+                                             there is one */
+
        /* if won't yield special effect, make sound of mundane counterpart */
        if (!do_spec || instr->spe <= 0)
            while (objects[itmp.otyp].oc_magic) itmp.otyp -= 1;

diff --git a/src/trap.c b/src/trap.c
index f567f4cf11d3a13e45e0cfcfcbb8c8876d25eff0..ba05e90bc824a2a951afb991087ca66f1d7d849f 100644 (file)
--- a/src/trap.c
+++ b/src/trap.c
@@ -2748,7 +2748,8 @@ domagictrap()
                   {    struct obj pseudo;
                        long save_conf = HConfusion;
 
-                       pseudo = zeroobj;   /* neither cursed nor blessed */
+                       pseudo = zeroobj;   /* neither cursed nor blessed,
+                                               and zero out oextra */
                        pseudo.otyp = SCR_REMOVE_CURSE;
                        HConfusion = 0L;
                        (void) seffects(&pseudo);