#760 Missing map size check when loading unique items

None
closed
nobody
None
5
2014-04-13
2013-08-18
Kevin Zheng
No

Background
Unique items allow players to store objects that persist across map and server resets. On multi-player "public" maps, unique items are stored in a separate file that is read when the map is loaded.

Problem
When inserting items from the unique item file, the server does not check if the item being inserted is in the boundaries of the map in question.

Impact
When a map containing a unique item is shrunk, moved, or edited such that the location where the unique item was no longer exists, an invalid call will be passed to object_insert_in_map() in object.c. The invalid call will fail a sanity check in object.c and cause the program to terminate with abort(3) and a SIGABRT signal to be thrown.

READ: If someone decides to split the Navar Tavern into smaller maps that are tiled together, the server will crash every time the original tavern is loaded. Players will be able to cause the server to crash on-demand.

Workaround
Always perform a "full-reset" after changing a public map with unique items.

Solution
The server should refuse to load any map containing a unique item file older than the map itself. Ideally, a server admin should be able to resolve the issue, and then manually issue a "full-reset" after rescuing players' items.

If this is not possible, the server should back up and discard the old unique-item file and load the map, after warning the admin.

1 Attachments
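
The bounds check the report asks for, shown as an added example that is not part of the original ticket and is not Crossfire's code (the ticket does not show what commit 19207 changed). The types `toy_map` and `toy_item` and the functions `in_map` and `load_unique_items` are hypothetical stand-ins, and the sample items are constructed.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical, simplified types: not Crossfire's real structures. */
struct toy_map  { int width, height; };
struct toy_item { const char *name; int x, y; };

/* Returns 1 when (x, y) lies inside the map, 0 otherwise. */
static int in_map(const struct toy_map *m, int x, int y)
{
    return x >= 0 && y >= 0 && x < m->width && y < m->height;
}

/*
 * Place only the saved unique items whose coordinates still exist on the
 * map. Out-of-bounds items are logged and set aside in `orphans` (so an
 * admin can rescue them) instead of reaching the insert routine, where a
 * sanity check would abort(). Returns the count placed; *n_orphans gets
 * the count set aside. Both output arrays must hold at least n entries.
 */
size_t load_unique_items(const struct toy_map *m,
                         const struct toy_item *items, size_t n,
                         const struct toy_item **placed,
                         const struct toy_item **orphans, size_t *n_orphans)
{
    size_t ok = 0;
    *n_orphans = 0;
    for (size_t i = 0; i < n; i++) {
        if (in_map(m, items[i].x, items[i].y)) {
            placed[ok++] = &items[i];   /* stand-in for the real insert */
        } else {
            fprintf(stderr, "unique item '%s' at (%d,%d) outside %dx%d map\n",
                    items[i].name, items[i].x, items[i].y, m->width, m->height);
            orphans[(*n_orphans)++] = &items[i];
        }
    }
    return ok;
}

/* Constructed sample: items saved before the map was shrunk to 10x10. */
static const struct toy_item SAMPLE[] = {
    { "chest", 3, 4 }, { "sign", 10, 2 }, { "book", 9, 9 }, { "key", 5, -1 },
};

int main(void)
{
    struct toy_map shrunk = { 10, 10 };
    const struct toy_item *placed[4], *orphans[4];
    size_t n_orphans, n = load_unique_items(&shrunk, SAMPLE, 4, placed, orphans, &n_orphans);
    printf("placed %zu, set aside %zu\n", n, n_orphans);
}
```
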

Discussion

  • Nicolas Weeger
    2014-01-01

    This should be fixed by commit 19207 :)

    Thanks for reporting the bug.

     
  • Nicolas Weeger
    2014-01-01

    • status: open --> closed-fixed
     
  • Kevin Zheng
    2014-01-18

    • Status: closed-fixed --> closed