From 0206ffbec6ee57dfdafae9e175c37957349d6dcc Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 09:57:57 +0100 Subject: [PATCH 1/9] accidentally inverted condition when fixing volcano attribute --- src/randenc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/randenc.c b/src/randenc.c index 1654f27ee..3a29bf886 100644 --- a/src/randenc.c +++ b/src/randenc.c @@ -580,7 +580,7 @@ volcano_destruction(region * volcano, region * r, const char *damage) rsettrees(r, 0, 0); a = a_find(r->attribs, &at_reduceproduction); - if (a) { + if (!a) { a = a_add(&r->attribs, make_reduceproduction(percent, time)); } else { From 2a7fc876566b3451af6cbec6290273616e68d355 Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 10:58:08 +0100 Subject: [PATCH 2/9] CID 30742 Dereference before null check CID 30741 ditto --- src/kernel/connection.c | 46 +++++++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 20 deletions(-) diff --git a/src/kernel/connection.c b/src/kernel/connection.c index e08cbe806..dbf29bff9 100644 --- a/src/kernel/connection.c +++ b/src/kernel/connection.c @@ -606,7 +606,6 @@ int read_borders(struct storage *store) for (;;) { int bid = 0; char zText[32]; - connection *b; region *from, *to; border_type *type; @@ -629,6 +628,10 @@ int read_borders(struct storage *store) READ_INT(store, &tid); from = findregionbyid(fid); to = findregionbyid(tid); + if (!to || !from) { + log_warning("%s connection between incomplete regions %d and %d", zText, fid, tid); + continue; + } } type = find_bordertype(zText); 
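Review bot: The new `continue` in read_borders (src/kernel/connection.c, hunk at -629) leaves the loop after only the two region ids have been read, so the per-border payload that the old path consumed through `type->read(b, store)` and `a_read(store, &a, b)` stays in the store and would be parsed as the start of the next record. The `type->read && !type->write` branch added in the -644 hunk has the same effect: it used to read the border and then call `erase_border(b)`, and now it only logs. Unless the storage layer resynchronises per record (not visible in this patch), the rejected record should still be consumed before it is dropped, for example by keeping the read-then-`erase_border(b)` sequence for the read-only type and by failing the load for missing regions. The loop body starts and ends outside both hunks.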
@@ -644,26 +647,29 @@ int read_borders(struct storage *store) if (r != NULL) to = r; } - b = new_border(type, from, to); - nextborder--; /* new_border erhöht den Wert */ - b->id = bid; - assert(bid <= nextborder); - if (type->read) - type->read(b, store); - if (global.data_version < NOBORDERATTRIBS_VERSION) { - attrib *a = NULL; - int result = a_read(store, &a, b); - if (border_convert_cb) - border_convert_cb(b, a); - while (a) { - a_remove(&a, a); - } - if (result < 0) - return result; + if ((type->read && !type->write)) { + log_warning("ignore invalid border '%s' between '%s' and '%s'\n", zText, regionname(from, 0), regionname(to, 0)); } - if ((type->read && !type->write) || !to || !from) { - log_warning("erase invalid border '%s' between '%s' and '%s'\n", type->__name, regionname(from, 0), regionname(to, 0)); - erase_border(b); + else { + connection *b = new_border(type, from, to); + nextborder--; /* new_border erhöht den Wert */ + b->id = bid; + assert(bid <= nextborder); + if (type->read) + type->read(b, store); + if (global.data_version < NOBORDERATTRIBS_VERSION) { + attrib *a = NULL; + int result = a_read(store, &a, b); + if (border_convert_cb) { + border_convert_cb(b, a); + } + while (a) { + a_remove(&a, a); + } + if (result < 0) { + return result; + } + } } } return 0; From e16e6692940e0cb6e7a25c07a73eeb0604443714 Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 11:08:55 +0100 Subject: [PATCH 3/9] CID LAST_ROW 22455 Logically dead code github issue #359 song of confusion was not selecting from fleeing units --- src/battle.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/battle.h b/src/battle.h index 36f4898b7..9b7b8657d 100644 --- a/src/battle.h +++ b/src/battle.h 
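Review bot: In the -644 hunk of read_borders, `regionname(from, 0)`, `regionname(to, 0)` and `new_border(type, from, to)` now depend entirely on the `!to || !from` test added in the -629 hunk, and the closing brace after that test shows it sits inside one arm of a conditional whose other arm is not part of the patch. If that other arm can also leave `from` or `to` NULL, the removed `|| !to || !from` guard no longer catches it. Moving the `if (!to || !from)` test below the closing brace of that conditional, so it runs on every path before `find_bordertype(zText)`, would cover both arms.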
@@ -39,8 +39,8 @@ extern "C" { #define BEHIND_ROW 2 #define AVOID_ROW 3 #define FLEE_ROW 4 -#define LAST_ROW (NUMROWS-1) #define FIRST_ROW FIGHT_ROW +#define LAST_ROW FLEE_ROW #define MAXSIDES 192 /* if there are ever more than this, we're fucked. */ struct message; From 62d7e9e944ada1c9dad5888c796e2da0cec75eec Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 11:11:02 +0100 Subject: [PATCH 4/9] CID 22473 Evaluation order violation github issue #347 --- src/randenc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/randenc.c b/src/randenc.c index 3a29bf886..aeb623cb9 100644 --- a/src/randenc.c +++ b/src/randenc.c @@ -525,7 +525,7 @@ damage_unit(unit * u, const char *dam, bool physical, bool magic) void drown(region * r) { if (fval(r->terrain, SEA_REGION)) { - unit **up = up = &r->units; + unit **up = &r->units; while (*up) { unit *u = *up; From 58c1d83c9ed6af66f8f2606aa20df7076924836f Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 11:14:53 +0100 Subject: [PATCH 5/9] CID 22491 FORWARD_NULL github issue #352 fals positive, rewriting code to appease coverity --- src/util/crmessage.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/util/crmessage.c b/src/util/crmessage.c index 942ba2610..d15228510 100644 --- a/src/util/crmessage.c +++ b/src/util/crmessage.c 
@@ -91,22 +91,21 @@ void crt_register(const struct message_type *mtype) crt = crt->next; } if (!crt) { - int i; crt = malloc(sizeof(crmessage_type)); crt->mtype = mtype; crt->next = crtypes[hash]; crtypes[hash] = crt; if (mtype->nparameters > 0) { + int i; crt->renderers = malloc(sizeof(tostring_f) * mtype->nparameters); + /* can be scrapped for memory vs. speed */ + for (i = 0; i != mtype->nparameters; ++i) { + crt->renderers[i] = tsf_find(mtype->types[i]->name); + } } else { crt->renderers = NULL; } - - /* can be scrapped for memory vs. speed */ - for (i = 0; i != mtype->nparameters; ++i) { - crt->renderers[i] = tsf_find(mtype->types[i]->name); - } } } From 4c861aa40d74a6862a58859ba2b9278cb2fcdaff Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 11:17:31 +0100 Subject: [PATCH 6/9] CID 22496 Infinite loop github issue #356 this is only relevant to old data files, it appears. --- src/spells/borders.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/spells/borders.c b/src/spells/borders.c index d1b5625cc..c197b93c2 100644 --- a/src/spells/borders.c +++ b/src/spells/borders.c @@ -263,6 +263,7 @@ void convert_firewall_timeouts(connection * b, attrib * a) wall_data *fd = (wall_data *)b->data.v; fd->countdown = a->data.i; } + a = a->next; } } From 530f7296219172b1d62da504143811d0f11fb624 Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 11:18:39 +0100 Subject: [PATCH 7/9] CID 22499 Missing break in switch github issue #357 nice catch! --- src/chaos.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/chaos.c b/src/chaos.c index 5b6f9c89b..728048bf9 100644 --- a/src/chaos.c +++ b/src/chaos.c @@ -176,6 +176,7 @@ static void chaos(region * r) set_money(u, u->number * (rng_int() % mfac)); fset(u, UFL_ISNEW | UFL_MOVED); } + break; case 2: /* Terrainveränderung */ if (!fval(r->terrain, FORBIDDEN_REGION)) { if (!fval(r->terrain, SEA_REGION)) { From fce3f63cc156ead17e996c3aa2708e6c5a0ee7cd Mon Sep 17 00:00:00 2001 
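Review bot: Both allocations in crt_register (src/util/crmessage.c) are used without a NULL check: `crt->mtype = mtype` follows `malloc(sizeof(crmessage_type))` directly, and the loop this hunk moves next to `crt->renderers = malloc(...)` writes `crt->renderers[i]` straight away. Since the commit already restructures the block around that pointer's validity, a guard such as `if (!crt->renderers) abort();` after the allocation (and the same for `crt`), or whatever out-of-memory policy the project uses, would make the failure explicit instead of a NULL write. `calloc(mtype->nparameters, sizeof(tostring_f))` would also avoid multiplying the size by hand. The function begins above the hunk.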
From: Enno Rehling Date: Thu, 5 Nov 2015 11:22:16 +0100 Subject: [PATCH 8/9] CID 22529 Resource leak github issue #351 allocation call optimization for small units --- src/randenc.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/randenc.c b/src/randenc.c index aeb623cb9..55802ff2f 100644 --- a/src/randenc.c +++ b/src/randenc.c @@ -449,7 +449,7 @@ static int nb_armor(const unit * u, int index) static int damage_unit(unit * u, const char *dam, bool physical, bool magic) { - int *hp = malloc(u->number * sizeof(int)); + int *hp, hpstack[20]; int h; int i, dead = 0, hp_rem = 0, heiltrank; double magres = magic_resistance(u); @@ -462,6 +462,12 @@ damage_unit(unit * u, const char *dam, bool physical, bool magic) assert(u->number <= u->hp); h = u->hp / u->number; /* HP verteilen */ + if (u->number < 20) { + hp = hpstack; + } + else { + hp = malloc(u->number * sizeof(int)); + } for (i = 0; i < u->number; i++) hp[i] = h; h = u->hp - (u->number * h); @@ -517,7 +523,9 @@ damage_unit(unit * u, const char *dam, bool physical, bool magic) scale_number(u, u->number - dead); u->hp = hp_rem; - free(hp); + if (hp != hpstack) { + free(hp); + } return dead; } From d553066590686ca7a1ab41be16fc894f51578d10 Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 5 Nov 2015 11:31:52 +0100 Subject: [PATCH 9/9] CID 22548 Resource leak github issue #334 --- src/jsreport.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/jsreport.c b/src/jsreport.c index 44b9ea252..a6be8b46b 100644 --- a/src/jsreport.c +++ b/src/jsreport.c @@ -76,6 +76,7 @@ static int report_json(const char *filename, report_context * ctx, const char *c "\"margin\": 0, \"name\": \"hextiles\", \"properties\": { }, \"spacing\": 0, " "\"tileheight\" : 64, \"tilewidth\" : 64 }], \"tilewidth\": 64, \"tileheight\": 96}", F); } + fclose(F); return 0; } return -1;
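Review bot: In damage_unit (src/randenc.c) the heap branch added at -462 assigns `hp = malloc(u->number * sizeof(int))` and the `hp[i] = h` loop right below writes through it without a NULL check, so an allocation failure becomes a NULL write. Adding `if (!hp) abort();` (or the project's own out-of-memory handling) after the malloc closes that. The literal 20 is also repeated between `hpstack[20]` and `u->number < 20`; deriving the bound from the array, `u->number <= (int)(sizeof hpstack / sizeof hpstack[0])`, keeps the two from drifting apart. The code between the -462 and -517 hunks is not shown, so any early return there would need the same `hp != hpstack` free.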
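Review bot: The `fclose(F)` added to report_json (src/jsreport.c) discards its return value, so the function still returns 0 when the final flush of the JSON written just above fails, and the caller gets a truncated report with a success code. `if (fclose(F) != 0) return -1;` would reuse the error return the function already has. The function starts outside the hunk, so whether the earlier writes to `F` are checked is not visible here.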