#48290: team_new() NULL tslot reference
Open Date: 2023-06-25 16:46
Last Update: 2023-07-10 01:44
URL for this Ticket:
https://osdn.net//projects/freeciv/ticket/48290
RSS feed for this Ticket:
https://osdn.net/ticket/ticket_rss.php?group_id=12505&tid=48290
---------------------------------------------------------------------
Last Changes/Comment on this Ticket:
2023-07-10 01:44 Updated by: cazfi
* Owner Update from (None) to cazfi
* Resolution Update from None to Accepted
Comment:
Reply To cazfi
I think there's an actual bug
No upper level code is currently affected. S3_2 & main branch patches address the issue, but as the fix causes savegame format and network protocol breakage, that part is not backported to frozen branches. Also assert to player creation is added only in S3_2 & main.
---------------------------------------------------------------------
Ticket Status:
Reporter: cazfi
Owner: cazfi
Type: Bugs
Status: Open [Owner assigned]
Priority: 5 - Medium
MileStone: 3.0.9
Component: General
Severity: 5 - Medium
Resolution: Accepted
---------------------------------------------------------------------
Ticket details:
Clang analyzer S3_1:
../../../src/common/team.c:340:15: warning: Access to field 'team' results in a dereference of a null pointer (loaded from variable 'tslot') [core.NullDereference]
tslot->team = pteam;
I think there's an actual bug that tslot IS left as NULL after the earlier iteration to find a free slot. When called from team_add_player() there might be max number of both players and teams already (both MAX_NUM_PLAYER_SLOTS), *and* the attempt to create a new team is before freeing the old one.
--
Ticket information of Freeciv project
Freeciv Project is hosted on OSDN
Project URL: https://osdn.net/projects/freeciv/
OSDN: https://osdn.net
URL for this Ticket:
https://osdn.net/projects/freeciv/ticket/48290
RSS feed for this Ticket:
https://osdn.net/ticket/ticket_rss.php?group_id=12505&tid=48290