From 9361e872b2c328dc83337f3268879c36e18f05c0 Mon Sep 17 00:00:00 2001 From: nhmall Date: Tue, 24 Sep 2019 12:32:58 -0400 Subject: [PATCH] fix uarmh null pointer dereference uarmh null pointer dereference if a helm of opposite alignment came off due to being polymorphed fixes #225 --- doc/fixes36.3 | 2 ++ src/do_wear.c | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/fixes36.3 b/doc/fixes36.3 index 86b1df33e..247c5410a 100644 --- a/doc/fixes36.3 +++ b/doc/fixes36.3 @@ -152,6 +152,8 @@ zapping self with wand of opening or spell of knock to escape from a pit trap wielded aklys that returned to hero when thrown while inside an engulfer left a stale 'thrownobj' pointer that triggered "add_to_minv: obj not free" panic if same weapon killed any engulfer via melee from inside +uarmh null pointer dereference if a helm of opposite alignment came off due + to being polymorphed Fixes to Post-3.6.2 Problems that Were Exposed Via git Repository diff --git a/src/do_wear.c b/src/do_wear.c index 6c99c1a5d..78262cba0 100644 --- a/src/do_wear.c +++ b/src/do_wear.c @@ -392,6 +392,7 @@ Helmet_on(VOID_ARGS) makeknown(uarmh->otyp); break; case HELM_OF_OPPOSITE_ALIGNMENT: + uarmh->known = 1; /* do this here because uarmh could get cleared */ /* changing alignment can toggle off active artifact properties, including levitation; uarmh could get dropped or destroyed here */ @@ -427,7 +428,9 @@ Helmet_on(VOID_ARGS) default: impossible(unknown_type, c_helmet, uarmh->otyp); } - uarmh->known = 1; /* helmet's +/- evident because of status line AC */ + /* uarmh could be zero due to uchangealign() */ + if (uarmh) + uarmh->known = 1; /* helmet's +/- evident because of status line AC */ return 0; } -- 2.40.0