Markus Armbruster
030b374db7
I observed a stack overflow in news command on my x86_64 system
running Fedora 18.
Empire 2 settled on this formula for the stack size:
stacksize = 100000
/* budget */ + MAX(WORLD_SZ() * sizeof(int) * 7,
/* power */ MAXNOC * sizeof(struct powstr));
Obviously attempts to provide space for known configuration-dependent
stack hogs.
The first hog is allegedly budget. Bogus since day one: its large
arrays were static in Empire 2, and became dynamically allocated in
Empire 3.
The second one makes some sense: powe() has a struct powstr[MAXNOC].
It also has an int[MAXNOC], which isn't accounted for.
Except for ridiculously small worlds, the second term is smaller, and
only the (bogus) first term matters.
Two hogs are missing: head() has a struct histstr[MAXNOC][MAXNOC], and
news() has a short[MAXNOC][MAXNOC]. It also calls head().
I looked for more hogs with "gcc -fstack-usage", and found none.
On my x86_64 system, a news command needs almost 107KiB of stack.
Only slightly less when compiled for 32 bit. Stack overrun for worlds
with fewer than some 320 sectors, thus unlikely to bite in real games.
Increase player stack size to 1 MiB. Using MAXNOC to size the stack
isn't worth the trouble.
Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
|
||
|---|---|---|
| .. | ||
| commands | ||
| common | ||
| empthread | ||
| gen | ||
| global | ||
| lwp | ||
| player | ||
| subs | ||
| update | ||
| w32 | ||