HostedRedmine.com has moved to the Planio platform. All logins and passwords remained the same. All users will be able to login and use Redmine just as before. Read more...
Bug #827156
Asan finding: Negative array index in send_path_orders
Start date:
Due date:
% Done:
0%
Estimated time:
Description
send_path_orders in goto.cc will read (and may attempt to write) p.orders[-1] in the following case:
- The path has length 1 (meaning the unit should stay where it is)
- final_order is set
This is eg the case in the Qt client when doing Shift+B city founding on the same tile as the settler occupies.
A possible fix would be to add a check for i > 0 at https://github.com/freeciv/freeciv/blob/8ccf0ccb6a55961c7217573a9576b81daeb63d13/client/goto.c#L1422
Confirmed on master but the offending code was introduced in 2.6.
History
#2
Updated by Louis Moureaux over 2 years ago
- File 0001-Fix-negative-array-index-in-send_path_orders-2.6.patch 0001-Fix-negative-array-index-in-send_path_orders-2.6.patch added
Fix attached for S2_6, S3_0 and master.
#3
Updated by Marko Lindqvist over 2 years ago
- Category set to Client
- Status changed from New to Resolved
- Assignee set to Marko Lindqvist
#4
Updated by Marko Lindqvist over 2 years ago
- Status changed from Resolved to Closed
.