git.pond.sub.org Git - empserver/commit

author	Markus Armbruster <armbru@pond.sub.org>
	Mon, 22 Dec 2014 14:29:17 +0000 (15:29 +0100)
committer	Markus Armbruster <armbru@pond.sub.org>
	Sun, 1 Feb 2015 15:53:01 +0000 (16:53 +0100)
commit	a4e519c377523415a8997bbd017c788e654f2976
tree	399f9a088ec4113c081b759eefc331c72934c87d	tree \| snapshot
parent	56ac486cc802765d6c05ef08ed300c102a6ecc8d	commit \| diff

navigate: Fix buffer overrun for impossibly long paths taken

When a player moves more than 1023 sectors in a single navigate
command, we overrun the buffer holding the path taken.  Remote hole,
but it requires a ship that can go that far, and even a ship with
speed 1000 would need a tech level well in excess of 1000 for that.
Thus, the hole is purely theoretical for even remotely sane game
configurations.

First known version with the flaw is 4.0.0.

Fix by going back the older behavior: don't print the total path
taken, but do print what the path finder does.  Context diff of an
example:

     [0:634] Command : nav 3 6,0
     Flagship is od   oil derrick (#3)
    +Using path 'n'
      h =
     k . .
      j d
     <67.2:67.2: 6,0> h
     od   oil derrick (#3) stopped at 6,0
    -Path taken: n

This is how march works.

Removes the only use of shp_nav_one_sector()'s unusual return value 2.
Return 1 instead.

Signed-off-by: Markus Armbruster <armbru@pond.sub.org>

src/lib/commands/navi.c		diff \| blob \| history
src/lib/subs/shpsub.c		diff \| blob \| history
src/lib/subs/unitsub.c		diff \| blob \| history
tests/fire/journal.log		diff \| blob \| history
tests/navi-march/journal.log		diff \| blob \| history
tests/retreat/journal.log		diff \| blob \| history
tests/smoke/journal.log		diff \| blob \| history