From 3650587dab63d8622cb36f9f9a73805d0e65fbfc Mon Sep 17 00:00:00 2001
From: Markus Armbruster <armbru@pond.sub.org>
Date: Sat, 16 Jan 2010 17:15:22 +0100
Subject: [PATCH] Fix navigate/march crash on funny path arguments

For an argument consisting of a valid path plus whitespace,
do_unit_move() eventually passed the whitespace suffix to parse(),
then dereferenced player->argp[0].  But that was null.

Broken in commit 0c12d837, v4.3.7.  Trivial for players to trigger.
---
 src/lib/commands/navi.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/lib/commands/navi.c b/src/lib/commands/navi.c
index cf297411e..0f6189cdb 100644
--- a/src/lib/commands/navi.c
+++ b/src/lib/commands/navi.c
@@ -184,7 +184,10 @@ do_unit_move(struct emp_qelem *ulist, int *together,
 	    continue;
 	}
 	ac = parse(cp, scanspace, player->argp, NULL, NULL, NULL);
-	if (ac <= 1) {
+	if (ac <= 0) {
+	    player->argp[0] = "";
+	    cp = NULL;
+	} else if (ac == 1) {
 	    sprintf(dp, "%d", leader->uid);
 	    player->argp[1] = dp;
 	    cp++;
-- 
2.43.0