From 819b7cb36195e9ef705cfcb636bc9528f4fce813 Mon Sep 17 00:00:00 2001
From: Vincent Stumpf
Date: Mon, 20 Mar 2023 09:32:41 -0700
Subject: [PATCH] Fix ASAN crashes and LSAN leaks (#7649)
---
 src/char/char_clif.cpp | 4 ++--
 src/char/char_mapif.cpp | 2 +-
 src/map/clif.cpp | 1 -
 src/map/mob.cpp | 3 +++
 src/map/npc.cpp | 2 ++
 src/map/pet.cpp | 4 +++-
 src/map/script.cpp | 2 +-
 src/map/unit.cpp | 3 +++
 8 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/src/char/char_clif.cpp b/src/char/char_clif.cpp
index e5ec116ce6..954f0be7e9 100644
--- a/src/char/char_clif.cpp
+++ b/src/char/char_clif.cpp
@@ -920,8 +920,8 @@ int chclif_parse_select_accessible_map( int fd, struct char_session_data* sd, ui
 // FIXME: is this case even possible? [ultramage]
 if( ( map_fd = map_server[mapserver].fd ) < 1 || session[map_fd] == nullptr ){
 ShowError( "parse_char: Attempting to write to invalid session %d! Map Server #%d disconnected.\n", map_fd, mapserver );
+ map_server[mapserver] = {};
 map_server[mapserver].fd = -1;
- memset( &map_server[mapserver], 0, sizeof( struct mmo_map_server ) );
 chclif_send_auth_result( fd, 1 ); // Send server closed.
 return 1;
 }
@@ -1090,8 +1090,8 @@ int chclif_parse_charselect(int fd, struct char_session_data* sd,uint32 ipl){
 if ((map_fd = map_server[i].fd) < 1 || session[map_fd] == NULL) {
 ShowError("parse_char: Attempting to write to invalid session %d! Map Server #%d disconnected.\n", map_fd, i);
+ map_server[i] = {};
 map_server[i].fd = -1;
- memset(&map_server[i], 0, sizeof(struct mmo_map_server));
 chclif_send_auth_result(fd,1); //Send server closed.
 return 1;
 }
diff --git a/src/char/char_mapif.cpp b/src/char/char_mapif.cpp
index 97f7c50554..7fb33394c3 100644
--- a/src/char/char_mapif.cpp
+++ b/src/char/char_mapif.cpp
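Review bot: The two added lines `map_server[mapserver] = {}; map_server[mapserver].fd = -1;` duplicate the body that chmapif_server_init(id) in char_mapif.cpp now has, and the second hunk at line 1090 repeats it a third time. If chmapif_server_init is reachable from char_clif.cpp (it is non-static in the char_mapif.cpp hunk), replacing the pairs with `chmapif_server_init(mapserver);` and `chmapif_server_init(i);` keeps the reset-then-set-fd order in one place, so a later change to the reset cannot again clobber fd after it is assigned. chclif_parse_select_accessible_map and chclif_parse_charselect both start outside their hunks.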
@@ -1480,7 +1480,7 @@ int chmapif_init(int fd){
 * @param id: id of map-serv (should be >0, FIXME)
 */
 void chmapif_server_init(int id) {
- memset(&map_server[id], 0, sizeof(map_server[id]));
+ map_server[id] = {};
 map_server[id].fd = -1;
 }
diff --git a/src/map/clif.cpp b/src/map/clif.cpp
index ed5a89df31..b07a4fc3da 100644
--- a/src/map/clif.cpp
+++ b/src/map/clif.cpp
@@ -10812,7 +10812,6 @@ void clif_parse_WantToConnection(int fd, map_session_data* sd)
 }
 CREATE(sd, TBL_PC, 1);
- // placement new
 new(sd) map_session_data();
 sd->fd = fd;
 #ifdef PACKET_OBFUSCATION
diff --git a/src/map/mob.cpp b/src/map/mob.cpp
index 8c18203e64..a4e73ea5df 100644
--- a/src/map/mob.cpp
+++ b/src/map/mob.cpp
@@ -453,6 +453,7 @@ int mob_parse_dataset(struct spawn_data *data)
 struct mob_data* mob_spawn_dataset(struct spawn_data *data) {
 struct mob_data *md = (struct mob_data*)aCalloc(1, sizeof(struct mob_data));
+ new(md) mob_data();
 md->bl.id= npc_get_new_npc_id();
 md->bl.type = BL_MOB;
 md->bl.m = data->m;
@@ -687,6 +688,7 @@ int mob_once_spawn(map_session_data* sd, int16 m, int16 x, int16 y, const char*
 if (gc) {
 md->guardian_data = (struct guardian_data*)aCalloc(1, sizeof(struct guardian_data));
+ new(md->guardian_data) guardian_data();
 md->guardian_data->castle = gc;
 md->guardian_data->number = MAX_GUARDIANS;
 md->guardian_data->guild_id = gc->guild_id;
@@ -890,6 +892,7 @@ int mob_spawn_guardian(const char* mapname, int16 x, int16 y, const char* mobnam
 md = mob_spawn_dataset(&data);
 md->guardian_data = (struct guardian_data*)aCalloc(1, sizeof(struct guardian_data));
+ new (md->guardian_data) guardian_data();
 md->guardian_data->number = guardian;
 md->guardian_data->guild_id = gc->guild_id;
 md->guardian_data->castle = gc;
diff --git a/src/map/npc.cpp b/src/map/npc.cpp
index 08a2fa59ef..060c392e0c 100644
--- a/src/map/npc.cpp
+++ b/src/map/npc.cpp
@@ -3552,6 +3552,7 @@ int npc_unload(struct npc_data* nd, bool single) {
 }
 }
+ nd->~npc_data();
 aFree(nd);
 return 0;
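Review bot: `new(md) mob_data();` on the aCalloc'd block means md now owns a constructed object whose destructor has to run before aFree(), and the same holds for the two guardian_data placement-news in the hunks at lines 687 and 890 and for pet_data in pet.cpp. The matching `~mob_data()` / `~guardian_data()` / `~pet_data()` calls are added only in unit_free (unit.cpp), so any other release path for these objects that the diff does not touch would still skip the destructor and keep leaking whatever heap-owning members triggered the LSAN report. I would mark each allocation so the pairing is visible, e.g. `// constructed in place on aCalloc'd memory; destroy with md->~mob_data() before aFree() (see unit_free)`, and consider one small helper that does aCalloc plus placement new so new call sites cannot forget the second step. mob_spawn_dataset, mob_once_spawn and mob_spawn_guardian all continue outside their hunks.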
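Review bot: `nd->~npc_data();` before `aFree(nd)` assumes every npc_data reaching npc_unload was placement-new constructed, but the diff shows no npc_data construction site; if any allocation path still uses plain aCalloc without a constructor call, this destructor runs on a never-constructed object. The same applies to the empty-shop early return in npc_parse_shop (hunk at line 4136), and any other early-exit `aFree(nd)` in the parsers that the diff leaves untouched is now inconsistent with these two sites. A helper that pairs the two steps, e.g. `static void npc_data_free(struct npc_data *nd) { nd->~npc_data(); aFree(nd); }`, called from both places would keep them together. npc_unload starts outside the hunk.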
@@ -4136,6 +4137,7 @@ static const char* npc_parse_shop(char* w1, char* w2, char* w3, char* w4, const
 }
 if( nd->u.shop.count == 0 ) {
 ShowWarning("npc_parse_shop: Ignoring empty shop in file '%s', line '%d'.\n", filepath, strline(buffer,start-buffer));
+ nd->~npc_data();
 aFree(nd);
 return strchr(start,'\n');// continue
 }
diff --git a/src/map/pet.cpp b/src/map/pet.cpp
index 37b9c56d0a..bf3d6977cf 100644
--- a/src/map/pet.cpp
+++ b/src/map/pet.cpp
@@ -1022,7 +1022,9 @@ bool pet_data_init(map_session_data *sd, struct s_pet *pet)
 return false;
 }
- sd->pd = pd = (struct pet_data *)aCalloc(1,sizeof(struct pet_data));
+ pd = (struct pet_data *)aCalloc(1,sizeof(struct pet_data));
+ new(pd) pet_data();
+ sd->pd = pd;
 pd->bl.type = BL_PET;
 pd->bl.id = npc_get_new_npc_id();
diff --git a/src/map/script.cpp b/src/map/script.cpp
index dc94d3dd4f..df8eb35b27 100644
--- a/src/map/script.cpp
+++ b/src/map/script.cpp
@@ -18020,7 +18020,7 @@ BUILDIN_FUNC(npcshopdelitem)
 ARR_FIND( 0, size, n, nd->u.shop.shop_item[n].nameid == nameid );
 if( n < size ) {
 if (n+1 != size)
- memmove(&nd->u.shop.shop_item[n], &nd->u.shop.shop_item[n+1], sizeof(nd->u.shop.shop_item[0])*(size-n));
+ memmove(&nd->u.shop.shop_item[n], &nd->u.shop.shop_item[n+1], sizeof(nd->u.shop.shop_item[0])*(size-(n + 1)));
 #if PACKETVER >= 20131223
 if (nd->subtype == NPCTYPE_MARKETSHOP)
 npc_market_delfromsql_(nd->exname, nameid, false);
diff --git a/src/map/unit.cpp b/src/map/unit.cpp
index 053407ca3a..3f181d420e 100644
--- a/src/map/unit.cpp
+++ b/src/map/unit.cpp
@@ -3501,6 +3501,7 @@ int unit_free(struct block_list *bl, clr_type clrtype)
 skill_clear_unitgroup(bl);
 status_change_clear(bl,1);
+ pd->~pet_data();
 break;
 }
 case BL_MOB: {
@@ -3536,6 +3537,7 @@ int unit_free(struct block_list *bl, clr_type clrtype)
 gc->temp_guardians[i] = 0;
 }
+ md->guardian_data->~guardian_data();
 aFree(md->guardian_data);
 md->guardian_data = NULL;
 }
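Review bot: After the corrected `memmove(..., sizeof(nd->u.shop.shop_item[0])*(size-(n + 1)))` the last slot `shop_item[size-1]` still holds a copy of the element that was shifted down, so the array is only consistent if `nd->u.shop.count` is decremented and that slot ignored further down in npcshopdelitem, which is outside the hunk. If the count is not reduced on this path, anything iterating by the old size sees a duplicated item; worth confirming, or clearing the slot with `memset(&nd->u.shop.shop_item[size-1], 0, sizeof(nd->u.shop.shop_item[0]));` after the move.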
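Review bot: `pd->~pet_data();` runs before `break;`, while the memory is presumably released only after the switch (the free is outside the hunk), so any code between the destructor and that free that still touches pd or its members operates on a destroyed object, and ASAN will not catch it because the allocation is still live; the same ordering applies to `md->~mob_data();` in the hunk at line 3564. Moving each destructor call to immediately before the corresponding aFree, as the guardian_data hunk at line 3536 already does, or adding `// pd is destroyed here; only the aFree() after the switch may follow`, makes the constraint explicit. unit_free starts and ends outside these hunks.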
@@ -3564,6 +3566,7 @@ int unit_free(struct block_list *bl, clr_type clrtype)
 if( md->tomb_nid ) mvptomb_destroy(md);
+ md->~mob_data();
 break;
 }
 case BL_HOM: