From e1283b118a6c9054403027c7422622eef4bf1f9a Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Tue, 13 May 2008 08:36:06 +0200 Subject: [PATCH] Fix crash bug in satellite maps The value of diffx() had the wrong sign when the arguments differed by WORLD_X / 2. Same for diffy() and WORLD_Y / 2. satmap() used them to find the vector from map center to ship or land unit to put on the map, and got incorrect values for ships and land units directly opposite to the center in x or y. The bug made satmap() read a pointer out bounds of its malloced radbuf[], and then write through that with unpredictable consequences. Broken in 4.2.12. The original bug was in Empire 1.1: it miscalculated where to put ships on the map (no crash). An incomplete fix for radmap() and satmap() appeared in Chainsaw 2 (still no crash). radmap() got fixed correctly in Chainsaw 3, but satmap() was forgotten. That one got "fixed" in 4.2.7, and again in 4.2.12, but both "fixes" were flawed and could crash. Fix by backing out the flawed fixes and adopting the fix from radmap() instead. (cherry picked from commit 0cc474bd6dd095235330f4e15141c9d5e5adc4b4) --- include/prototypes.h | 2 -- src/lib/common/mapdist.c | 28 ---------------------------- src/lib/subs/satmap.c | 22 ++++------------------ 3 files changed, 4 insertions(+), 48 deletions(-) diff --git a/include/prototypes.h b/include/prototypes.h index cc4fd26a9..450e69b75 100644 --- a/include/prototypes.h +++ b/include/prototypes.h @@ -282,8 +282,6 @@ extern int logreopen(void); extern void logerror(char *, ...) ATTRIBUTE((format (printf, 1, 2))); /* more in misc.h */ /* mapdist.c */ -extern int diffx(int, int); -extern int diffy(int, int); extern int deltax(int, int); extern int deltay(int, int); extern int mapdist(int, int, int, int); diff --git a/src/lib/common/mapdist.c b/src/lib/common/mapdist.c index cac702f45..50d90c00c 100644 --- a/src/lib/common/mapdist.c +++ b/src/lib/common/mapdist.c @@ -41,34 +41,6 @@ #include "optlist.h" #include "prototypes.h" -int -diffx(int x1, int x2) -{ - int dx; - - dx = x1 - x2; - dx = dx % WORLD_X; - if (dx > WORLD_X / 2) - dx = dx - WORLD_X; - if (dx < -WORLD_X / 2) - dx = dx + WORLD_X; - return dx; -} - -int -diffy(int y1, int y2) -{ - int dy; - - dy = y1 - y2; - dy = dy % WORLD_Y; - if (dy > WORLD_Y / 2) - dy = dy - WORLD_Y; - if (dy < -WORLD_Y / 2) - dy = dy + WORLD_Y; - return dy; -} - int deltax(int x1, int x2) { diff --git a/src/lib/subs/satmap.c b/src/lib/subs/satmap.c index f4def5dff..15a060201 100644 --- a/src/lib/subs/satmap.c +++ b/src/lib/subs/satmap.c @@ -177,15 +177,8 @@ satmap(int x, int y, int eff, int range, int flags, int type) } /* If we are imaging *and* drawing the map */ if ((flags & P_I) && (type == EF_BAD)) { - /* Figure out where to put the ship */ - /* First, figure out the distance from the two */ - rx = diffx((int)ship.shp_x, x); - ry = diffy((int)ship.shp_y, y); - /* Next, determine which direction to add it to the center */ - /* We can only do this if imaging and we have gotten the center - up above by imaging the sectors. */ - rx = deltax(x, ns.range.lx) + rx; - ry = deltay(y, ns.range.ly) + ry; + rx = deltx(&ns.range, ship.shp_x); + ry = delty(&ns.range, ship.shp_y); /* &~0x20 makes it a cap letter */ rad[ry][rx] = (*mchr[(int)ship.shp_type].m_name) & ~0x20; } @@ -230,15 +223,8 @@ satmap(int x, int y, int eff, int range, int flags, int type) } /* If we are imaging *and* drawing the map */ if ((flags & P_I) && (type == EF_BAD)) { - /* Figure out where to put the unit */ - /* First, figure out the distance from the two */ - rx = diffx((int)land.lnd_x, x); - ry = diffy((int)land.lnd_y, y); - /* Next, determine which direction to add it to the center */ - /* We can only do this if imaging and we have gotten the center - up above by imaging the sectors. */ - rx = deltax(x, ns.range.lx) + rx; - ry = deltay(y, ns.range.ly) + ry; + rx = deltx(&ns.range, land.lnd_x); + ry = delty(&ns.range, land.lnd_y); /* &~0x20 makes it a cap letter */ rad[ry][rx] = (*lchr[(int)land.lnd_type].l_name) & ~0x20; } -- 2.43.0