2003scape / rsc-c

🍫 runescape classic client ported to C
GNU Affero General Public License v3.0

SIGSEGV in mudclient_show_message #90

Closed alarixnia closed 10 months ago

alarixnia commented 10 months ago
#0  0x0000760fa4759b00 in strcpy () from /usr/lib/libc.so.12
No symbol table info available.
#1  0x000000000045df4f in mudclient_show_message (mud=0x760fa415f240,
    message=0x7f7fffcb0910 "@whi@@que@@cya@Global$@ora@[@gre@Migeman@ora@]: @cya@Buying nats 450ea",
    type=MESSAGE_TYPE_QUEST) at src/ui/message-tabs.c:452
        i = 1
        message_length = 70
        max_text_width = 497
        coloured_message = "@whi@@que@@cya@Global$@ora@[@gre@Migeman@ora@]: @cya@Buying nats 450ea\000\000\000\000\000"
        message1 = 0x0
        last_space = <optimized out>
        last_colour = {<optimized out>, <optimized out>, <optimized out>}
        i = <optimized out>
        position = <optimized out>
        message2_length = <optimized out>
        message2 = 0x0
        message2_offset = <optimized out>
#2  0x000000000045e2b4 in mudclient_show_server_message (mud=0x760fa415f240,
    message=0x7f7fffcb09d8 "@que@@cya@Global$@ora@[@gre@Migeman@ora@]: @cya@Buying nats 450ea")
    at src/ui/message-tabs.c:502
        formatted_length = 71
        formatted_message = "@whi@@que@@cya@Global$@ora@[@gre@Migeman@ora@]: @cya@Buying nats 450ea"
#3  0x000000000041e2e1 in mudclient_packet_tick (mud=0x760fa415f240) at src/packet-handler.c:1183
        message = "@que@@cya@Global$@ora@[@gre@Migeman@ora@]: @cya@Buying nats 450ea\000"
        timestamp = 570131
        size = 66
        data = 0x760fa4170584 "\002@que@@cya@Global$@ora@[@gre@Migeman@ora@]: @cya@Buying nats 450ea`\r\022\352`\021\022\352`\n\023\352`\017\023\352`\022\023\352`\025\023\352`\v\024\352`\r\024\352`\021\024\352`\v\025\352`\r\025\352`\017\025\352`\022\025\352`\b\026\352`\023\026\352`\t\030"
        opcode = SERVER_MESSAGE
#4  0x000000000040fca0 in mudclient_handle_game_input (mud=0x760fa415f240) at src/mudclient.c:3773
        mouse_x = 0
#5  0x0000000000410c20 in mudclient_handle_inputs (mud=0x760fa415f240) at src/mudclient.c:4106
No locals.
#6  0x0000000000416389 in mudclient_run (mud=0x760fa415f240) at src/mudclient.c:6507
        k1 = 256
        last_delay = 10
        time = 570115
        k2 = 0
        timing_index = 3
        j = 256
        delay = 10
        i1 = 107
#7  0x00000000004090da in mudclient_start_application (mud=0x760fa415f240,
    title=0x472049 "Runescape by Andrew Gower") at src/mudclient.c:1215
        init = 48
        windowflags = 36
#8  0x00000000004175b8 in main (argc=1, argv=0x7f7fffcb1188) at src/mudclient.c:6932
        mud = 0x760fa415f240
alarixnia commented 10 months ago

This happened after another player sent an overly long global-chat message containing many `@...@` colour codes, which produced some visible weirdness before the crash. Note that the message reaches the client through a `SERVER_MESSAGE` packet (frame #3, `src/packet-handler.c:1183`), so any player can trigger this remotely; the only thing under the client's control is how it parses the string. My first guess was memory corruption from an unterminated string, but the locals in frame #1 point elsewhere: `coloured_message` is shown with trailing NULs (so it is terminated), while both `message1` and `message2` are `0x0` at the time `strcpy` is called (`src/ui/message-tabs.c:452`). That looks more like `strcpy` being handed a NULL destination or source — e.g. a failed allocation or a failed search for a split/wrap point on a long, colour-code-heavy message — than an overflow, though the code at that line should be checked to confirm; either way the result of splitting the message should be NULL-checked before the copy, and the copy itself should be bounded by the destination buffer size (`strncpy`/`snprintf` rather than `strcpy`) since the input is network-controlled.