NPCを[e]で調べようとするとゲームが強制終了する #9
Comments
|
次のリリースをしたらクローズするつもりです。 |
roloa
pushed a commit
that referenced
this issue
May 31, 2020
The function `are_requirements_nearby` accesses `player::backlog::front()`, which causes UB when the `backlog` list is empty. This is usually checked by the caller, but there is at least one way to reach this function without that check: ``` #2 0x000000000083dfaa in string_id<activity_type>::operator== (rhs=..., this=0xdf1b460) at src/player_activity.h:93 #3 are_requirements_nearby (loot_spots=std::vector of length 21, capacity 32 = {...}, needed_things=..., p=..., activity_to_restore=..., in_loot_zones=true, src_loc=...) at src/activity_item_handling.cpp:1113 #4 0x0000000000843a46 in generic_multi_activity_check_requirement (p=..., act_id=..., act_info=..., src=..., src_loc=..., src_set=std::unordered_set with 1 element = {...}, check_only=false) at src/activity_item_handling.cpp:2676 #5 0x0000000000852813 in generic_multi_activity_handler (act=..., p=..., check_only=check_only@entry=false) at src/activity_item_handling.cpp:2885 #6 0x0000000000800896 in activity_handlers::multiple_butcher_do_turn (act=<optimized out>, p=<optimized out>) at src/activity_handlers.cpp:3822 #7 0x000000000082b248 in std::_Function_handler<void (player_activity*, player*), void (*)(player_activity*, player*)>::_M_invoke(std::_Any_data const&, player_activity*&&, player*&&) (__functor=..., __args#0=<optimized out>, __args#1=<optimized out>) at /usr/include/c++/8/bits/std_function.h:88 #8 0x00000000008630e3 in std::function<void (player_activity*, player*)>::operator()(player_activity*, player*) const (this=<optimized out>, __args#0=<optimized out>, __args#0@entry=0xdf1b330, __args#1=<optimized out>, __args#1@entry=0xdf1ae50) at /usr/include/c++/8/bits/std_function.h:260 #9 0x0000000000860306 in activity_type::call_do_turn (this=0x2c3c930, act=act@entry=0xdf1b330, p=p@entry=0xdf1ae50) at src/activity_type.cpp:118 #10 0x00000000014a968b in player_activity::do_turn (this=this@entry=0xdf1b330, p=...) at src/player_activity.cpp:237 #11 0x00000000013092a4 in npc::do_player_activity (this=this@entry=0xdf1ae50) at src/npcmove.cpp:3299 #12 0x0000000001322a07 in npc::execute_action (this=this@entry=0xdf1ae50, action=<optimized out>, action@entry=npc_player_activity) at src/npcmove.cpp:1237 #13 0x000000000132690a in npc::move (this=this@entry=0xdf1ae50) at src/npcmove.cpp:907 ``` This adds a simple check within the function.
DrPariah
pushed a commit
to DrPariah/Cataclysm-DDA_variant
that referenced
this issue
Nov 11, 2020
The function `are_requirements_nearby` accesses `player::backlog::front()`, which causes UB when the `backlog` list is empty. This is usually checked by the caller, but there is at least one way to reach this function without that check: ``` roloa#2 0x000000000083dfaa in string_id<activity_type>::operator== (rhs=..., this=0xdf1b460) at src/player_activity.h:93 roloa#3 are_requirements_nearby (loot_spots=std::vector of length 21, capacity 32 = {...}, needed_things=..., p=..., activity_to_restore=..., in_loot_zones=true, src_loc=...) at src/activity_item_handling.cpp:1113 roloa#4 0x0000000000843a46 in generic_multi_activity_check_requirement (p=..., act_id=..., act_info=..., src=..., src_loc=..., src_set=std::unordered_set with 1 element = {...}, check_only=false) at src/activity_item_handling.cpp:2676 roloa#5 0x0000000000852813 in generic_multi_activity_handler (act=..., p=..., check_only=check_only@entry=false) at src/activity_item_handling.cpp:2885 roloa#6 0x0000000000800896 in activity_handlers::multiple_butcher_do_turn (act=<optimized out>, p=<optimized out>) at src/activity_handlers.cpp:3822 roloa#7 0x000000000082b248 in std::_Function_handler<void (player_activity*, player*), void (*)(player_activity*, player*)>::_M_invoke(std::_Any_data const&, player_activity*&&, player*&&) (__functor=..., __args#0=<optimized out>, __args#1=<optimized out>) at /usr/include/c++/8/bits/std_function.h:88 roloa#8 0x00000000008630e3 in std::function<void (player_activity*, player*)>::operator()(player_activity*, player*) const (this=<optimized out>, __args#0=<optimized out>, __args#0@entry=0xdf1b330, __args#1=<optimized out>, __args#1@entry=0xdf1ae50) at /usr/include/c++/8/bits/std_function.h:260 roloa#9 0x0000000000860306 in activity_type::call_do_turn (this=0x2c3c930, act=act@entry=0xdf1b330, p=p@entry=0xdf1ae50) at src/activity_type.cpp:118 roloa#10 0x00000000014a968b in player_activity::do_turn (this=this@entry=0xdf1b330, p=...) at src/player_activity.cpp:237 roloa#11 0x00000000013092a4 in npc::do_player_activity (this=this@entry=0xdf1ae50) at src/npcmove.cpp:3299 roloa#12 0x0000000001322a07 in npc::execute_action (this=this@entry=0xdf1ae50, action=<optimized out>, action@entry=npc_player_activity) at src/npcmove.cpp:1237 roloa#13 0x000000000132690a in npc::move (this=this@entry=0xdf1ae50) at src/npcmove.cpp:907 ``` This adds a simple check within the function.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
[e]で調べた生き物がメイドかどうかを判断する時にnullチェックをしてなかったので、確実にぬるぽエラーを起こします。
すぐ直します。
The text was updated successfully, but these errors were encountered: