Fix use of invalid pointer when depleting resource "none"

prod() and produce() dereferenced resource uninitialized for products
depleting resource "none" (p_nrdep != 0 && p_nrndx == 0).  The latter
even wrote to it.

Depleting "none" makes no sense, and the depletion is now ignored.
Before, it could conceivably crash the server or corrupt the game.

diff --git a/src/lib/commands/prod.c b/src/lib/commands/prod.c
index 80f281b207e6ddd0390b0bba430dc5139a696f74..2b2b6519653227783d720780350eb96d6e48b04a 100644 (file)
--- a/src/lib/commands/prod.c
+++ b/src/lib/commands/prod.c
@@ -211,14 +211,17 @@ prod(void)
        unit_work = 0;
        pp = &pchr[dchr[type].d_prd];
        vtype = pp->p_type;
+       if (pp->p_nrndx)
+           resource = (unsigned char *)&sect + pp->p_nrndx;
+       else
+           resource = NULL;
        natp = getnatp(sect.sct_own);
        /*
         * sect p_e  (inc improvements)
         */
-       if (pp->p_nrndx != 0) {
+       if (resource) {
            unit_work++;
-           resource = (unsigned char *)&sect + pp->p_nrndx;
-           p_e = (*resource * p_e) / 100.0;
+           p_e *= *resource / 100.0;
        }
        /*
         * production effic.
@@ -244,7 +247,7 @@ prod(void)
         * workforce?
         */
        max = (int)(work * p_e / (double)unit_work + 0.5);
-       if (pp->p_nrdep != 0 && vtype != I_NONE) {
+       if (resource && pp->p_nrdep != 0 && vtype != I_NONE) {
            if (*resource * 100 < pp->p_nrdep * max)
                max = *resource * 100 / pp->p_nrdep;
        }

diff --git a/src/lib/update/produce.c b/src/lib/update/produce.c
index 8fbc569fa688b299edb3a55055564fc0e5898c6e..23049955221f076fe83f24b193a54ec27f99f985 100644 (file)
--- a/src/lib/update/produce.c
+++ b/src/lib/update/produce.c
@@ -66,6 +66,10 @@ produce(struct natstr *np, struct sctstr *sp, short *vec, int work,
        return 0;
     product = &pchr[dchr[desig].d_prd];
     item = product->p_type;
+    if (product->p_nrndx)
+       resource = (unsigned char *)sp + product->p_nrndx;
+    else
+       resource = NULL;
     *amount = 0;
     *cost = 0;
 
@@ -75,10 +79,9 @@ produce(struct natstr *np, struct sctstr *sp, short *vec, int work,
      * calculate production efficiency.
      */
     p_e = neweff / 100.0;
-    if (product->p_nrndx != 0) {
+    if (resource) {
        unit_work++;
-       resource = (unsigned char *)sp + product->p_nrndx;
-       p_e = (*resource * p_e) / 100.0;
+       p_e *= *resource / 100.0;
     }
     /*
      * determine number that can be made with
@@ -90,7 +93,7 @@ produce(struct natstr *np, struct sctstr *sp, short *vec, int work,
     worker_limit = roundavg(work * p_e / unit_work);
     if (material_consume > worker_limit)
        material_consume = worker_limit;
-    if (product->p_nrdep != 0) {
+    if (resource && product->p_nrdep != 0) {
        if (*resource * 100 < product->p_nrdep * material_consume)
            material_consume = *resource * 100 / product->p_nrdep;
     }
@@ -140,7 +143,7 @@ produce(struct natstr *np, struct sctstr *sp, short *vec, int work,
      */
     if (!player->simulation) {
        materials_charge(product, vec, material_consume);
-       if (product->p_nrdep != 0) {
+       if (resource && product->p_nrdep != 0) {
            /*
             * lower natural resource in sector depending on
             * amount produced