Follow-up Comment #9, bug #20003 (project freeciv):
> (What seems odd is that the exploit seems to send many 0xff's,
> and I would have expected the opposite)
Problem is that in error situation - when there's no more data -
dio_get_uint8() returns 0, not 255. So if there's not enough data, it will try
to read it in infinite loop.
I see two possible ways to fix this. I have to investigate consequences to
other parts of the code more to decide better one.
Reply to this item at:
Message sent via/by Gna!
Freeciv-dev mailing list