Bug #1646: Fixed a SIGSEGV in unit_order_list_is_sane() - Freeciv - Freeciv Ticket System

Actions

Copy link

Bug #1646

open

Fixed a SIGSEGV in unit_order_list_is_sane()

Added by John Robertson 4 days ago. Updated 2 days ago.

Status:

In Review

Priority:

Normal

Assignee:

Marko Lindqvist

Category:

Server

Target version:

3.1.6

Start date:

08/05/2025

Due date:

% Done:

Estimated time:

Description

For various reasons, during the save or load of a game file, if a unit's action list is rejected, the process will delete the working memory for the unit's "order's list" and set the order's list pointer to NULL.

Later, the 'data sanity check' accesses the NULL memory pointer and throws a SIGSEGV exception.

The proposed fix performs the following:

adds a guard against the use of the NULL pointer. But returns TRUE for sanity, as the list is empty.
provides additional cleanup by zeroing out the length value in the 'orders' structure. Note: zeroing out the length would have avoided the NULL memory access, but still leaves the 'sanity' ambiguous.
avoid the 'sanity' check on empty (NULL) order action lists for the unit. Note, the `punit->has_orders` could be refactored to only use the `puint->orders.length == 0`.

Files

Download all files

1646.patch (3.46 KB) 1646.patch		John Robertson, 08/05/2025 08:02 AM
1646.v2.patch (3.36 KB) 1646.v2.patch		John Robertson, 08/05/2025 06:08 PM
1646.v3.patch (6.52 KB) 1646.v3.patch		John Robertson, 08/06/2025 08:17 PM

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Freeciv

Custom queries

Bug #1646

Fixed a SIGSEGV in unit_order_list_is_sane()

Updated by John Robertson 4 days ago

Updated by John Robertson 4 days ago

Updated by John Robertson 4 days ago

Updated by Marko Lindqvist 4 days ago

Updated by Marko Lindqvist 3 days ago

Updated by John Robertson 2 days ago

Updated by Marko Lindqvist 2 days ago