From a03d20d7abf19fad63df3f920a6ac8d4e51a8d96 Mon Sep 17 00:00:00 2001
From: PatR
Date: Fri, 17 Mar 2017 03:20:11 -0700
Subject: [PATCH] fix Bell of Opening segfault

Noticed on nethack.alt.org; the Bell of Opening could trigger a segfault if applied near a trap door or bear trap (and a few others) that had no monster at the trap location. Reproducible if done while mounted; {open,close}{fall,hold}ingtrap() would try to access monst->mx and monst->my of a Null monst pointer if given one when u.usteed was non-Null.
---
 doc/fixes36.1 | 2 ++
 src/trap.c | 8 +++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/doc/fixes36.1 b/doc/fixes36.1
index f0986f9a2..179ac4fee 100644
--- a/doc/fixes36.1
+++ b/doc/fixes36.1
@@ -368,6 +368,8 @@ add option status_updates to prevent bottom of screen status line updates
 fix achievement recording bug with mines and sokoban prizes
 g.cubes would eat globs of green slime without harm; engulf those instead
 fix up true rumor about rock moles vs boots
+Bell of Opening could trigger segfault attempting to open some types of traps
+ if hero was mounted
 Fixes to Post-3.6.0 Problems that Were Exposed Via git Repository
diff --git a/src/trap.c b/src/trap.c
index 0df86b1d7..2c9b4e511 100644
--- a/src/trap.c
+++ b/src/trap.c
@@ -1,4 +1,4 @@
-/* NetHack 3.6 trap.c $NHDT-Date: 1473665044 2016/09/12 07:24:04 $ $NHDT-Branch: NetHack-3.6.0 $:$NHDT-Revision: 1.274 $ */
+/* NetHack 3.6 trap.c $NHDT-Date: 1489745987 2017/03/17 10:19:47 $ $NHDT-Branch: NetHack-3.6.0 $:$NHDT-Revision: 1.277 $ */
 /* Copyright (c) Stichting Mathematisch Centrum, Amsterdam, 1985. */
 /* NetHack may be freely redistributed. See license for details. */
@@ -4420,6 +4420,8 @@ boolean *noticed; /* set to true iff hero notices the effect; */
 const char *trapdescr, *which;
 boolean ishero = (mon == &youmonst);
+ if (!mon)
+ return FALSE;
 if (mon == u.usteed)
 ishero = TRUE;
 t = t_at(ishero ? u.ux : mon->mx, ishero ? u.uy : mon->my);
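Review bot: The added `if (!mon) return FALSE;` carries no comment, and it changes more than the mounted crash the description covers: when `u.usteed` is itself Null (presumably whenever the hero is not riding), a Null `mon` used to satisfy `mon == u.usteed` on the following line and was then handled at the hero's own coordinates, whereas it now returns FALSE before that test. If that is the intended result, say so above the guard, for example `/* Null mon: nothing to act on; must precede the u.usteed test, which a Null mon would match when u.usteed is Null */`. The same applies to the identical guards in the hunks at `@@ -4478` and `@@ -4521`. The description names four functions ({open,close}{fall,hold}ingtrap) while only three guards are added, so it is worth confirming that the fourth already rejects a Null `mon`; the function bodies begin and end outside these hunks, so the diff alone does not show it.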
@@ -4478,6 +4480,8 @@ boolean *noticed; /* set to true iff hero notices the effect; */
 unsigned dotrapflags;
 boolean ishero = (mon == &youmonst), result;
+ if (!mon)
+ return FALSE;
 if (mon == u.usteed)
 ishero = TRUE;
 t = t_at(ishero ? u.ux : mon->mx, ishero ? u.uy : mon->my);
@@ -4521,6 +4525,8 @@ boolean *noticed; /* set to true iff hero notices the effect; */
 struct trap *t;
 boolean ishero = (mon == &youmonst), result;
+ if (!mon)
+ return FALSE;
 if (mon == u.usteed)
 ishero = TRUE;
 t = t_at(ishero ? u.ux : mon->mx, ishero ? u.uy : mon->my);
--
2.50.1