From 496b98597f4f65c16fe4314c66a5015dda3e13d9 Mon Sep 17 00:00:00 2001
From: patman64
Date: Wed, 20 May 2015 22:39:49 +0100
Subject: [PATCH] [Core] Fix a client freeze caused by malformed paths (c2657)

Avoid Classic client to freeze or crash upon recieving path with zero offset between two points by preventing server to send such movement paths
---
 src/game/movement/packet_builder.cpp | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/game/movement/packet_builder.cpp b/src/game/movement/packet_builder.cpp
index 9b03bc6d..b4a8a0bd 100644
--- a/src/game/movement/packet_builder.cpp
+++ b/src/game/movement/packet_builder.cpp
@@ -79,19 +79,31 @@ namespace Movement
 void WriteLinearPath(const Spline& spline, ByteBuffer& data)
 {
- uint32 last_idx = spline.getPointCount() - 3;
+ uint32 pointCount = spline.getPointCount() - 3;
+ uint32 last_idx = pointCount;
 const Vector3* real_path = &spline.getPoint(1);
 Vector3 destination = real_path[last_idx];
+ size_t lastIndexPos = data.wpos();
 data << last_idx;
 data << destination;
 if (last_idx > 1)
 {
 Vector3 offset;
 // first and last points already appended
- for (uint32 i = 1; i < last_idx; ++i)
+ for (uint32 i = 1; i < pointCount; ++i)
 {
 offset = destination - real_path[i];
+ // TODO: check if there is a better way to handle this like reworking path formatting to avoid generating such zero offset
+ // [-CLASSIC] The client freezes or crashes when it gets a zero offset.
+ // If the offset would be rounded to zero, skip it.
+ if (fabs(offset.x) < 0.25 && fabs(offset.y) < 0.25 && fabs(offset.z) < 0.25)
+ {
+ // Remove 1 from the counter that will be sent to the client.
+ last_idx--;
+ data.put(lastIndexPos, last_idx);
+ continue;
+ }
 data.appendPackXYZ(offset.x, offset.y, offset.z);
 }
 }
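Review bot: The `0.25` in the new skip test inside the `for` loop is a bare literal that presumably has to match the step `appendPackXYZ` quantises with (that function is not in this hunk), so the guard against sending the client a zero offset goes stale without warning if the packing changes; I would define the step once beside the packer and compare against it here, or at least add the comment `// 0.25 == packing step of appendPackXYZ; keep in sync`. The element count is also re-patched with `data.put(lastIndexPos, last_idx)` on every skipped point; decrementing in the loop and writing it once afterwards, `if (last_idx != pointCount) data.put(lastIndexPos, last_idx);`, keeps the header fix-up in one place. Separately, `spline.getPointCount() - 3` is unsigned, so if a spline with fewer than three points can ever reach this function the value wraps and `real_path[last_idx]` indexes far past the array; an assertion at the top would pin that invariant. WriteLinearPath's closing brace is outside the hunk.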