From 7da438e44d491aa6098ce75df65650521f166028 Mon Sep 17 00:00:00 2001 From: chasonr Date: Sat, 1 Feb 2014 10:40:26 -0500 Subject: [PATCH] Fix for bug C343-172. The DevTeam describes this bug as: "Crash could occur when monster uses potion or food to cure stoning or confusion." The crash occurs because mon_consume_unstone calls m_useup (which may free obj) and then uses obj afterwards. --- src/muse.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/muse.c b/src/muse.c index 86044e5..ef1f323 100644 --- a/src/muse.c +++ b/src/muse.c @@ -2127,7 +2127,10 @@ struct obj *obj; boolean by_you; boolean stoning; { - int nutrit = (obj->otyp == CORPSE) ? dog_nutrition(mon, obj) : 0; + /* Save otyp and corpsenm for use after m_useup */ + short obj_otyp = obj->otyp; + int obj_corpsenm = obj->corpsenm; + int nutrit = (obj_otyp == CORPSE) ? dog_nutrition(mon, obj) : 0; /* also sets meating */ /* give a " is slowing down" message and also remove @@ -2139,13 +2142,13 @@ boolean stoning; obj->quan = 1L; pline("%s %ss %s.", Monnam(mon), - (obj->otyp == POT_ACID) ? "quaff" : "eat", + (obj_otyp == POT_ACID) ? "quaff" : "eat", distant_name(obj,doname)); obj->quan = save_quan; } else if (flags.soundok) - You_hear("%s.", (obj->otyp == POT_ACID) ? "drinking" : "chewing"); + You_hear("%s.", (obj_otyp == POT_ACID) ? "drinking" : "chewing"); m_useup(mon, obj); - if (((obj->otyp == POT_ACID) || acidic(&mons[obj->corpsenm])) && + if (((obj_otyp == POT_ACID) || acidic(&mons[obj_corpsenm])) && !resists_acid(mon)) { mon->mhp -= rnd(15); pline("%s has a very bad case of stomach acid.", @@ -2164,7 +2167,7 @@ boolean stoning; else pline("%s seems limber!", Monnam(mon)); } - if (obj->otyp == CORPSE && obj->corpsenm == PM_LIZARD && mon->mconf) { + if (obj_otyp == CORPSE && obj_corpsenm == PM_LIZARD && mon->mconf) { mon->mconf = 0; if (canseemon(mon)) pline("%s seems steadier now.", Monnam(mon));