Re: Minor Problems with bpl10

From: James Kane (
Date: 03/21/96

> On Wed, 20 Mar 1996, James Kane wrote:
> > After poking around with the new patch, I found a couple small bugs that 
> > should probably be addressed.  First, skillset allows you to modify any 
> > positive array index.  Thus you can set the fire breath skill, which 
> > corresponds roughly to talks[0] and so on.  To fix this either do_skillset 
> > needs to be changed toaccept only skill <= MAX_SKILLS or find_skill_num() 
> > needs modification. I opted to change the following in do_skillset:
> > 
> > Changed modify.c line 135 from:
> >     for (i = 0; *spells[i] != '\n'; i++) {
> 	In my source, spells[] in spell_parser.c ends with a single entry "\n",
> so this should work the same way as counting i up to MAX_SKILL (unless you
> removed the "\n").
My copy still has that entry as well, however there are still the five
non-player skills that lie in there that have indices above MAX_SKILL.
It was seeing those and being able to set them that tipped me off
something was potentially dangerous.  As it is now you only need to
worry about over writing the padding0, and talks[] variables.  Since
they remain unused anywhere in the stock code it isn't fatal to leave
it there other way. *shrug*


This archive was generated by hypermail 2b30 : 12/07/00 PST