Fix segfault when attacked while polyed into disenchanter

The pointer keeping tabs of monster's current weapon was
not cleared.

How to trigger: Get hit by a monster wielding a weapon,
teleport to another level, poly into disenchanter, get hit
by any monster with AD_PHYS attack and not wielding any weapon.

diff --git a/src/mhitu.c b/src/mhitu.c
index 1cdd7bce72cc9d97a10e76a025071e78409c4691..86a064f8401fcb418087f1f91c53bc10e76098be 100644 (file)
--- a/src/mhitu.c
+++ b/src/mhitu.c
@@ -5,7 +5,7 @@
 #include "hack.h"
 #include "artifact.h"
 
-STATIC_VAR NEARDATA struct obj *otmp;
+STATIC_VAR NEARDATA struct obj *mon_currwep = (struct obj *) 0;
 
 STATIC_DCL boolean FDECL(u_slip_free, (struct monst *, struct attack *));
 STATIC_DCL int FDECL(passiveum, (struct permonst *, struct monst *,
@@ -646,6 +646,7 @@ register struct monst *mtmp;
 
     for (i = 0; i < NATTK; i++) {
         sum[i] = 0;
+        mon_currwep = (struct obj *)0;
         mattk = getmattk(mtmp, &youmonst, i, sum, &alt_attk);
         if ((u.uswallow && mattk->aatyp != AT_ENGL)
             || (skipnonmagc && mattk->aatyp != AT_MAGC))
@@ -747,18 +748,18 @@ register struct monst *mtmp;
                         break;
                 }
                 if (foundyou) {
-                    otmp = MON_WEP(mtmp);
-                    if (otmp) {
-                        hittmp = hitval(otmp, &youmonst);
+                    mon_currwep = MON_WEP(mtmp);
+                    if (mon_currwep) {
+                        hittmp = hitval(mon_currwep, &youmonst);
                         tmp += hittmp;
-                        mswings(mtmp, otmp);
+                        mswings(mtmp, mon_currwep);
                     }
                     if (tmp > (j = dieroll = rnd(20 + i)))
                         sum[i] = hitmu(mtmp, mattk);
                     else
                         missmu(mtmp, (tmp == j), mattk);
                     /* KMH -- Don't accumulate to-hit bonuses */
-                    if (otmp)
+                    if (mon_currwep)
                         tmp -= hittmp;
                 } else {
                     wildmiss(mtmp, mattk);
@@ -968,6 +969,7 @@ register struct attack *mattk;
                                          : "crushed");
             }
         } else { /* hand to hand weapon */
+            struct obj *otmp = mon_currwep;
             if (mattk->aatyp == AT_WEAP && otmp) {
                 int tmp;
 
@@ -2710,10 +2712,10 @@ register struct attack *mattk;
         return 1;
     }
     case AD_ENCH: /* KMH -- remove enchantment (disenchanter) */
-        if (otmp) {
+        if (mon_currwep) {
             /* by_you==True: passive counterattack to hero's action
                is hero's fault */
-            (void) drain_item(otmp, TRUE);
+            (void) drain_item(mon_currwep, TRUE);
             /* No message */
         }
         return 1;