#322 [patch] server crashes after "reset movement" order

closed-fixed
nobody
None
5
2007-12-28
2007-12-28
Karl Chen
No

Hi,

The following sequence of actions in the GUI client will crash the server:
1. give fleet F at system A an order to move to system B [click on fleet F, right click B]
2. give fleet F an order to stay at system A [click on fleet F, right click A]
3. next turn

The freeoriond process segfaults in Fleet::ETA() because m_next_system != INVALID_OBJECT_ID; m_travel_route contains exactly 1 item which is the current System; it advances the iterator past that single item and dereferences the now-invalid iterator.

The following change fixes the problem for me. In Fleet::SetRoute(), when resetting m_moving_to to INVALID_OBJECT_ID, also reset m_next_system and m_prev_system. The attached patch has this change plus an extra assertion in Fleet::ETA().

Best,
Karl

Discussion

  • Karl Chen

    Karl Chen - 2007-12-28

    fix segfault when processing "reset movement" fleet order

     
  • Geoff Topping

    Geoff Topping - 2007-12-28

    Logged In: YES
    user_id=913462
    Originator: NO

    Fixed in SVN.

     
  • Geoff Topping

    Geoff Topping - 2007-12-28
    • status: open --> closed-fixed
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks