| … | |
… | |
| 190 | socket.current_y = ob->y; |
190 | socket.current_y = ob->y; |
| 191 | |
191 | |
| 192 | region *reg = ob->region (); |
192 | region *reg = ob->region (); |
| 193 | if (socket.current_region != reg) |
193 | if (socket.current_region != reg) |
| 194 | { |
194 | { |
|
|
195 | INVOKE_PLAYER (REGION_CHANGE, pl, ARG_REGION (reg), ARG_REGION (socket.current_region)); |
| 195 | socket.current_region = reg; |
196 | socket.current_region = reg; |
| 196 | socket.send_packet_printf ("drawinfo 0 You are now %s.\n(use whereami for more details)", ®->longname); |
|
|
| 197 | } |
197 | } |
| 198 | } |
198 | } |
| 199 | |
199 | |
| 200 | /** |
200 | /** |
| 201 | * RequestInfo is sort of a meta command. There is some specific |
201 | * RequestInfo is sort of a meta command. There is some specific |
| … | |
… | |
| 931 | |
931 | |
| 932 | if (!ns.faces_sent[face_num]) |
932 | if (!ns.faces_sent[face_num]) |
| 933 | if (ob) |
933 | if (ob) |
| 934 | ns.send_faces (ob); |
934 | ns.send_faces (ob); |
| 935 | else |
935 | else |
| 936 | ns.send_face (face_num); |
936 | ns.send_face (face_num, 10); |
| 937 | |
937 | |
| 938 | sl << uint16 (face_num); |
938 | sl << uint16 (face_num); |
| 939 | return 1; |
939 | return 1; |
| 940 | } |
940 | } |
| 941 | |
941 | |
| … | |
… | |
| 1388 | sl << "replyinfo skill_info\n"; |
1388 | sl << "replyinfo skill_info\n"; |
| 1389 | |
1389 | |
| 1390 | for (int i = 1; i < NUM_SKILLS; i++) |
1390 | for (int i = 1; i < NUM_SKILLS; i++) |
| 1391 | sl.printf ("%d:%s\n", i + CS_STAT_SKILLINFO, &skill_names[i]); |
1391 | sl.printf ("%d:%s\n", i + CS_STAT_SKILLINFO, &skill_names[i]); |
| 1392 | |
1392 | |
| 1393 | if (sl.length () >= MAXSOCKBUF) |
1393 | if (sl.length () > MAXSOCKBUF) |
| 1394 | { |
1394 | { |
| 1395 | LOG (llevError, "Buffer overflow in send_skill_info!\n"); |
1395 | LOG (llevError, "Buffer overflow in send_skill_info!\n"); |
| 1396 | fatal (0); |
1396 | fatal (0); |
| 1397 | } |
1397 | } |
| 1398 | |
1398 | |
| … | |
… | |
| 1411 | sl << "replyinfo spell_paths\n"; |
1411 | sl << "replyinfo spell_paths\n"; |
| 1412 | |
1412 | |
| 1413 | for (int i = 0; i < NRSPELLPATHS; i++) |
1413 | for (int i = 0; i < NRSPELLPATHS; i++) |
| 1414 | sl.printf ("%d:%s\n", 1 << i, spellpathnames[i]); |
1414 | sl.printf ("%d:%s\n", 1 << i, spellpathnames[i]); |
| 1415 | |
1415 | |
| 1416 | if (sl.length () >= MAXSOCKBUF) |
1416 | if (sl.length () > MAXSOCKBUF) |
| 1417 | { |
1417 | { |
| 1418 | LOG (llevError, "Buffer overflow in send_spell_paths!\n"); |
1418 | LOG (llevError, "Buffer overflow in send_spell_paths!\n"); |
| 1419 | fatal (0); |
1419 | fatal (0); |
| 1420 | } |
1420 | } |
| 1421 | |
1421 | |
| … | |
… | |
| 1529 | if (!spell->face) |
1529 | if (!spell->face) |
| 1530 | { |
1530 | { |
| 1531 | LOG (llevError, "%s: spell has no face, but face is mandatory.\n", &spell->name); |
1531 | LOG (llevError, "%s: spell has no face, but face is mandatory.\n", &spell->name); |
| 1532 | spell->face = face_find ("burnout.x11", blank_face); |
1532 | spell->face = face_find ("burnout.x11", blank_face); |
| 1533 | } |
1533 | } |
|
|
1534 | |
|
|
1535 | pl->ns->send_face (spell->face); |
| 1534 | |
1536 | |
| 1535 | /* send the current values */ |
1537 | /* send the current values */ |
| 1536 | sl << uint32 (spell->count) |
1538 | sl << uint32 (spell->count) |
| 1537 | << uint16 (spell->level) |
1539 | << uint16 (spell->level) |
| 1538 | << uint16 (spell->casting_time) |
1540 | << uint16 (spell->casting_time) |
| … | |
… | |
| 1574 | * bytes and 3 strings (because that is the spec) so we need to |
1576 | * bytes and 3 strings (because that is the spec) so we need to |
| 1575 | * check that the length of those 3 strings, plus the 23 bytes, |
1577 | * check that the length of those 3 strings, plus the 23 bytes, |
| 1576 | * won't take us over the length limit for the socket, if it does, |
1578 | * won't take us over the length limit for the socket, if it does, |
| 1577 | * we need to send what we already have, and restart packet formation |
1579 | * we need to send what we already have, and restart packet formation |
| 1578 | */ |
1580 | */ |
|
|
1581 | if (spell->type != SPELL) |
|
|
1582 | continue; |
|
|
1583 | |
| 1579 | /* Seeing crashes by overflowed buffers. Quick arithemetic seems |
1584 | /* Seeing crashes by overflowed buffers. Quick arithemetic seems |
| 1580 | * to show add_spell is 26 bytes + 2 strings. However, the overun |
1585 | * to show add_spell is 26 bytes + 2 strings. However, the overun |
| 1581 | * is hundreds of bytes off, so correcting 22 vs 26 doesn't seem |
1586 | * is hundreds of bytes off, so correcting 22 vs 26 doesn't seem |
| 1582 | * like it will fix this |
1587 | * like it will fix this |
| 1583 | */ |
1588 | */ |
| 1584 | if (spell->type != SPELL) |
|
|
| 1585 | continue; |
|
|
| 1586 | |
|
|
| 1587 | if (sl.length () >= (MAXSOCKBUF - (26 + strlen (spell->name) + (spell->msg ? strlen (spell->msg) : 0)))) |
1589 | if (sl.length () > (MAXSOCKBUF - (26 + strlen (spell->name) + (spell->msg ? strlen (spell->msg) : 0)))) |
| 1588 | { |
1590 | { |
|
|
1591 | pl->ns->flush_fx (); |
| 1589 | pl->ns->send_packet (sl); |
1592 | pl->ns->send_packet (sl); |
| 1590 | |
1593 | |
| 1591 | sl.reset (); |
1594 | sl.reset (); |
| 1592 | sl << "addspell "; |
1595 | sl << "addspell "; |
| 1593 | } |
1596 | } |
| … | |
… | |
| 1601 | return; |
1604 | return; |
| 1602 | } |
1605 | } |
| 1603 | else |
1606 | else |
| 1604 | append_spell (pl, sl, spell); |
1607 | append_spell (pl, sl, spell); |
| 1605 | |
1608 | |
| 1606 | if (sl.length () >= MAXSOCKBUF) |
1609 | if (sl.length () > MAXSOCKBUF) |
| 1607 | { |
1610 | { |
| 1608 | LOG (llevError, "Buffer overflow in esrv_add_spells!\n"); |
1611 | LOG (llevError, "Buffer overflow in esrv_add_spells!\n"); |
| 1609 | fatal (0); |
1612 | fatal (0); |
| 1610 | } |
1613 | } |
| 1611 | |
1614 | |
| 1612 | /* finally, we can send the packet */ |
1615 | /* finally, we can send the packet */ |
|
|
1616 | pl->ns->flush_fx (); |
| 1613 | pl->ns->send_packet (sl); |
1617 | pl->ns->send_packet (sl); |
| 1614 | } |
1618 | } |
| 1615 | |
1619 | |
