These types of bugs exist in act_new. In this case, it attempts to
expand the $p into the name of an object, which is likely NULL when
used in a channel.
Adding NULL checks in act_new is an easy way to fix it:
- case 't': i = (char *) arg1; break;
+ case 't': if(arg1) i = (char *) arg1; break;
case 'p':
+ if (to&&obj1)
i = can_see_obj( to, obj2 )
? obj2->short_descr
: "something";
break;
and so on...
It's also good practice to not allow player-entered text in the format
argument of act/act_new; instead send it as a string ($t) argument,
which doesn't get expanded.
--Palrich.
On Tue, 14 Sep 2004 12:09:36 -0400, Rick St Jean <[EMAIL PROTECTED]> wrote:
> Hey all,
> I had someone pop on my mud a few months ago and tell me about a
> bug in send_to_char. It had to do with the write_to_buffer function.
> This person used a $p in global communications string and crashed things.
> I am not able to duplicate it .., and I was told to use sprintf in the
> send_to_char
> function, but I cannot locate anything related to this bug or a fix.
>
> Anyone know what this person was talking about?
>
> Thanks.
> Rick
>
> --
> ROM mailing list
> [email protected]
> http://www.rom.org/cgi-bin/mailman/listinfo/rom
>
