Logic issues #30

Open
4 of 32 tasks
sean-gilliam opened this issue Oct 15, 2019 · 0 comments
sean-gilliam commented Oct 15, 2019

Ongoing tracking issue that collects logic errors found in the code, grouped by source file:

act_info.c

/* Excerpt of do_affects() showing a stray ';' after an if condition.
 * The ';' is an empty statement and becomes the whole body of the if, so the
 * indented send_to_char() call is not guarded and runs whatever paf->aftype is. */
void do_affects(CHAR_DATA *ch, char *argument )
{
...
/* The condition is evaluated and its result discarded. */
if(paf->aftype!=AFT_INVIS);
    send_to_char( "\n\r", ch );
...
}

act_move.c

/* Excerpt of move_char() showing a condition that can never be false. */
void move_char( CHAR_DATA *ch, int door, bool automatic, bool fcharm)
{
...
/* (!automatic || automatic) is a tautology: the guarded statement always
 * runs, so the 'automatic' flag has no effect at this point. */
if(!automatic || automatic)
...
}
/* Excerpt of do_acute_vision() showing a statement placed after return. */
void do_acute_vision( CHAR_DATA *ch, char *argument )
{
...
return;
/* Unreachable: the return above always exits first, so check_improve() is
 * never called on this path. */
check_improve(ch,gsn_acute_vision,TRUE,1);
}

act_obj.c

/* Excerpt of can_loot(), a yes/no check on whether ch may loot obj.
 * As excerpted, an unconditional return TRUE precedes the remaining checks. */
bool can_loot(CHAR_DATA *ch, OBJ_DATA *obj)
{
...
/* Everything after this return is dead code. If the elided logic below holds
 * the actual loot restrictions, they are never enforced and the answer is
 * always "allowed" once control reaches this line. */
return TRUE;
... more logic ...
}
/* Excerpt of do_give() showing an if whose body is an empty statement. */
void do_give( CHAR_DATA *ch, char *argument )
{
...
/* give_prog is still called through the function pointer, but the trailing
 * ';' means the comparison with TRUE selects nothing: the return value is
 * effectively ignored and the following code runs either way. */
if((obj->pIndexData->iprogs->give_prog) (obj,ch,victim) == TRUE);
...
}

act_wiz.c

/* Excerpt of do_owhere() showing a for loop terminated by ';'. */
void do_owhere(CHAR_DATA *ch, char *argument )
{
...
/* The loop has an empty body and only advances in_obj along the in_obj
 * chain until the element whose in_obj is NULL.
 * NOTE(review): this looks like a deliberate "find the outermost container"
 * walk rather than a bug; an explicit empty body would make the intent
 * visible. The condition dereferences in_obj, so obj must be non-NULL. */
for (in_obj = obj; in_obj->in_obj != NULL; in_obj = in_obj->in_obj);
...
}
/* Excerpt of do_multicheck() showing the command stubbed out by an early return. */
void do_multicheck( CHAR_DATA *ch, char *argument)
{
...
/* The function sends "Fix later." and returns; the logic below is unreachable.
 * NOTE(review): returning a call expression from a void function is only
 * accepted when the file is compiled as C++ - confirm the build mode. */
return send_to_char("Fix later.\n\r",ch);
... more logic ...
}

ap.c

/* Excerpt of lesser_demon_tick() showing one switch case whose break
 * statements sit inside the if bodies only. */
void lesser_demon_tick (CHAR_DATA *mob, AFFECT_DATA *af)
{
...
		/* NOTE(review): when af->duration is neither 4 nor 1, neither break is
		 * executed and control continues into whatever follows this case (elided
		 * here) - confirm whether that fall-through is intended. */
		case(MOB_VNUM_AAMON):
			if (af->duration == 4) {
				do_emote(mob,"taps his foot irritably.");
				break;
			}
			if (af->duration == 1) {
				do_emote(mob,"laughs giddily and whirls to leave.");
				/* Queues a say, a room message and delay_extract on the mob. */
				RS.Queue.AddToQueue(1, 2, do_say,mob, (char*)"I'll be leaving now,  and leaving you to your thoughts.  You'll never know the answer to my riddle.");
				RS.Queue.AddToQueue(2, 5, act, "With a puff of hazy purple smoke and a sound like a cough, $n disappears.", mob, 0, 0, TO_ROOM);
				RS.Queue.AddToQueue(3, 1, delay_extract, mob);
				break;
			}
...
}
/* Excerpt of insanity_pulse() showing a break that belongs to the for loop,
 * not to the switch. */
void insanity_pulse(CHAR_DATA *ch, AFFECT_DATA *af)
{
	...
	for(victim = ch->in_room->people; victim != NULL; victim = victim->next_in_room)
	{
		...
		switch(number_range(1, 5))
		{
			...
		}
		/* This break is outside the switch, so it ends the for loop: the first
		 * occupant that reaches the switch is the only one processed.
		 * NOTE(review): the elided code above may 'continue' past some
		 * occupants - confirm whether a single target is intended. */
		break;
	}
	...
}

comm.c

/* Excerpt of close_socket() showing a for loop terminated by ';'. */
void close_socket( DESCRIPTOR_DATA *dclose )
{
...
/* Empty-body loop: it stops with d pointing at the descriptor whose next is
 * dclose, or with d == NULL when no such descriptor is found.
 * NOTE(review): this looks like a deliberate predecessor search; the code
 * that follows must handle d == NULL before dereferencing it. */
for ( d = descriptor_list; d && d->next != dclose; d = d->next );
...
}
/* Excerpt of read_from_buffer() showing a for loop terminated by ';'. */
void read_from_buffer( DESCRIPTOR_DATA *d )
{
...
/* Empty-body loop: the assignment in the condition copies inbuf[i+j] down to
 * inbuf[j] and stops after the '\0' has been copied.
 * NOTE(review): this appears intentional; it relies on inbuf holding a '\0'
 * at or after index i, otherwise the copy reads past the buffer. */
for ( j = 0; ( d->inbuf[j] = d->inbuf[i+j] ) != '\0'; j++ );
}
/* Excerpt of nanny() showing the same assignment made twice. */
void nanny( DESCRIPTOR_DATA *d, char *argument )
{
...
      ch->race = race;

	/* initialize stats */

	/* Redundant: ch->race was already set to race a few lines above. */
	ch->race=race;
...
}
/* Excerpt of show_string() showing a for loop detached from its braces. */
void show_string(struct descriptor_data *d, char *input)
{
...
		/* The ';' ends the for statement, so the loop only advances chk past
		 * whitespace; the braced block below is a separate statement that runs
		 * once after the loop, not once per character.
		 * NOTE(review): isspace() takes an int in unsigned char range; a plain
		 * char with a negative value is undefined behaviour - consider a cast. */
		for (chk = d->showstr_point; isspace(*chk); chk++);
	    {
			...
		}
...
}

db.c

/* Excerpt of area_update() showing an else-if with an empty body. */
void area_update( void )
{
...
 /* The ';' is the entire body of this branch: a negative duration selects a
  * no-op, and whatever follows is not part of the else-if. */
 else if (paf->duration < 0);
...
}
/* Excerpt of fread_string() showing the EOF case of its switch. */
char *fread_string( FILE *fp )
{
	...
    /* On EOF the function reports the condition through bug() and returns NULL;
     * the previous exit(1) is commented out and the break after the return is
     * unreachable.
     * NOTE(review): callers are not shown - any caller that uses the result as
     * a string without a NULL check will dereference NULL on a truncated file. */
    case EOF:
		/* temp fix */
        bug( "Fread_string: EOF", 0 );
	    return NULL;
        /* exit( 1 ); */
        break;
	...
}

Memory leak - file pointer never closed: the unconditional return right after a successful fopen() leaves the stream open

/* Excerpt of load_votes() showing a FILE stream that is opened and then
 * abandoned. */
void load_votes()
{
...
	/* First return: fopen() failed, nothing to clean up. */
	if(!(fp=fopen(VOTE_FILE,"r")))
		return;
	/* Second return: reached when fopen() succeeded. fp is never passed to
	 * fclose(), so the stream leaks on every call, and the loading logic below
	 * is unreachable. */
	return;
... more logic ...
}

devextra.c

/* Excerpt of do_pswitch() showing the command cut short by an early return. */
void do_pswitch(CHAR_DATA *ch, char *argument)
{
...
	name[0] = UPPER(name[0]);
	/* Unconditional return: the logic below never runs, so the command
	 * currently does nothing past capitalising the first letter of name. */
	return;
... more logic ...
}

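SQL injection - the query text is assembled with sprintf and ch->true_name is placed inside the quoted literal without escaping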

/* Excerpt of do_listoffer() showing a SQL statement built by string
 * formatting. */
void do_listoffer(CHAR_DATA *ch, char *argument)
{
...
	/* ch->true_name is copied into the double-quoted literal as-is. If that
	 * value can ever contain a quote or backslash, it changes the structure of
	 * the statement instead of being treated as data.
	 * Preferred fix: a prepared statement (mysql_stmt_prepare() with bound
	 * parameters); at minimum escape with mysql_real_escape_string().
	 * NOTE(review): sprintf() is unbounded and the size of 'query' is not
	 * visible here - use snprintf() and check for truncation. */
	sprintf(query,"SELECT * FROM offerings WHERE deity = \"%s\" %s ORDER BY time ASC",
		ch->true_name, autol ? "AND status = 0" : "");
... more logic ...
}

SQL injection - both the room owner and ch->true_name are formatted into the query text without escaping

/* Excerpt of do_offer() showing a SQL statement built by string formatting. */
void do_offer(CHAR_DATA *ch, char *argument)
{
...
		/* Two values, altar->in_room->owner and ch->true_name, are copied into
		 * double-quoted literals as-is. Neither is escaped, so a quote or
		 * backslash in either one alters the statement.
		 * Preferred fix: a prepared statement with bound parameters, or
		 * mysql_real_escape_string() on each value before formatting.
		 * NOTE(review): sprintf() is unbounded and the size of 'query' is not
		 * visible here - use snprintf() and check for truncation. */
		sprintf(query, "SELECT * FROM offerings WHERE deity = \"%s\" AND player = \"%s\" ORDER BY time DESC LIMIT 1",
			altar->in_room->owner, ch->true_name);
... more logic ...
}
/* Excerpt of show_database_info() showing the function disabled by a return
 * placed directly after its declarations. */
void show_database_info(CHAR_DATA *ch, char *argument)
{
	/* All of these locals are unused while the early return is in place. */
	MYSQL *conn, *conn2;
	MYSQL_RES *res_set, *res2;
	MYSQL_ROW row, row2;
	char query[MSL], buf[MSL], buf2[MSL];
	float lpercent;

	/* Unconditional return: the reporting logic below is dead code. */
	return;

... logic to show database info...
}
/* Excerpt of do_demo() showing logic left behind an unconditional return. */
void do_demo(CHAR_DATA *ch, char *name)
{
...
	/* Formats the two counters i and r into buf and sends the line to ch. */
	sprintf(buf,"There are currently %i limited items in the game (%i on players).\n\r",i,r);
	send_to_char(buf,ch);
	/* Everything after this return is unreachable. */
	return;
... more logic ...
}
/* Excerpt of plug_graveyard() showing the function disabled by a return
 * placed directly after its declarations. */
void plug_graveyard(CHAR_DATA *ch, int type)
{
    /* None of these locals is used before the return below. The char arrays
     * are each MSL bytes of stack that the function reserves for nothing. */
    int minlevel=30,day, tid, i,max;
	char buf[MSL], buf2[MSL], name[MSL], message[MSL], message_date[MSL],stid[MSL];
	char align[MSL], ethos[MSL],type_death[MSL],message_death[MSL];
	char *suf;
	char ntime[MSL],year[MSL], month[MSL], dom[MSL], time[MSL],cur_date[MSL],unique[MSL];
	MYSQL_ROW qrow;


	/* Unconditional return: the logic below is dead code. */
	return;
... more logic ...
}

Memory leak - SQL result set never freed: mysql_free_result(res) sits after return TRUE and is unreachable

/* Excerpt of sort_votes() showing cleanup placed after the return statement. */
bool sort_votes(char *hold[], int *holdi, int cabal)
{
...
	return TRUE;
	/* Unreachable: the result set 'res' is never released, so it leaks on
	 * every call that gets this far. The free must happen before the return. */
	mysql_free_result(res);
}

SQL injection - this function builds several queries by formatting ch->true_name straight into the SQL text

/* Excerpt of do_vote() showing two of its SQL statements, both built by
 * string formatting. */
void do_vote(CHAR_DATA *ch, char *argument)
{
...
	/* ch->true_name is placed between single quotes without escaping; a quote
	 * or backslash in the value alters the statement. Preferred fix: prepared
	 * statements with bound parameters, or mysql_real_escape_string().
	 * NOTE(review): sprintf() is unbounded and the size of 'buf' is not
	 * visible here - use snprintf() and check for truncation. */
	sprintf(buf,"SELECT COUNT(voter) FROM votes WHERE voter='%s'", ch->true_name);
... more logic ...
	/* Same pattern as above, repeated for a second query. */
	sprintf(buf,"SELECT vote_for FROM votes WHERE voter='%s'", ch->true_name);
... etc ...
}
/* Excerpt of check_volley() showing the check hard-wired to FALSE. */
bool check_volley(CHAR_DATA *ch, CHAR_DATA *victim)
{
	/* Unused while the early return below is in place. */
	int skill, chance;
	//CH is caster of offensive spell, victim is victim
	/* Unconditional return: the function always reports FALSE and the logic
	 * below is dead code. */
	return FALSE;
... more logic ...
}
/* Excerpt of do_topbounties() showing the command disabled by a return placed
 * directly after its declarations. */
void do_topbounties(CHAR_DATA *ch, char *argument)
{
	/* Unused while the early return below is in place. */
	int i, pnum = 0, plus = 0;
	char buf[MAX_STRING_LENGTH];
	/* Unconditional return: the logic below is dead code. */
	return;	
... more logic ...
}
/* Excerpt of do_assess_old() showing two if statements whose bodies are empty
 * statements. */
void do_assess_old(CHAR_DATA *ch, char *argument)
{
...
	for ( paf = victim->affected; paf != NULL; paf = paf->next )
	{
		buf[0]='\0';
		/* The ';' ends the if: the code that follows runs for any skill value. */
		if(skill<91);
		...
		/* Same defect: this test does not select between the two code paths. */
		if(skill>=91);
		...
	}
...
}

dioextra.c

/* Excerpt of do_ctrack() showing the command disabled by an early return that
 * comes after a buffer has already been allocated. */
void do_ctrack( CHAR_DATA *ch, char *argument )
{
    /* Five MAX_STRING_LENGTH arrays live on the stack; only arg is written
     * before the return below. */
    char arg[MAX_STRING_LENGTH];
    char buf[MAX_STRING_LENGTH];
    char buf2[MAX_STRING_LENGTH];
    char newbuf[MAX_STRING_LENGTH];
    char results[MAX_STRING_LENGTH];
    char *login = NULL;
    FILE *fpChar;
    FILE *fpChar2;
    int numMatches = 0, cabal, counter;
    BUFFER *output;

    one_argument(argument, arg);

    /* The BUFFER obtained here is not released before the return on the next
     * line, so each invocation leaks one buffer. The logic below is dead code. */
    output = new_buf();
    return;
... more logic ...
}

handler.c

/* Excerpt of get_skill() showing a branch whose body is an empty statement. */
int get_skill(CHAR_DATA *ch, int sn)
{
...
		/* For CLASS_SORCERER this branch does nothing, but it still takes the
		 * match, so the final else below is skipped for that class.
		 * NOTE(review): confirm whether the no-op is intentional; if it is, a
		 * comment in the body would say so. */
		} else if (ch->pIndexData->Class()->GetIndex() == CLASS_SORCERER) {
			;
		} else
...
}
/* Excerpt of room_is_private() showing the check hard-wired to FALSE. */
bool room_is_private( ROOM_INDEX_DATA *pRoomIndex )
{
    /* Unused while the early return below is in place. */
    CHAR_DATA *rch;
    int count;

    /* Unconditional return: every room is reported as not private and the
     * logic below is dead code. Any caller that relies on this function to
     * restrict entry gets no restriction at all. */
    return FALSE;
... more logic ...
}

iprog.c

/* Excerpt of invoke_prog_tattoo_dioxide() showing the prog disabled by a
 * return placed directly after its declaration. */
void invoke_prog_tattoo_dioxide(OBJ_DATA *obj, CHAR_DATA *ch, char *argument)
{
	/* Unused while the early return below is in place. */
	AFFECT_DATA af;

        /* Unconditional return: the logic below is dead code. */
        return;
... more logic ...
}

misc.c

/* Excerpt of do_rngtest() showing a command that runs a fixed loop and then
 * returns before the rest of its logic. */
void do_rngtest(CHAR_DATA *ch, char *argument)
{
	/* Only 'count' is used before the return below. */
	long total = 0;
	int count;
	int rolls, val, maxes = 0;
	char buf[MSL];

	/* Calls update_db_gold() 100000 times in a row.
	 * NOTE(review): the cost of update_db_gold() is not visible here - confirm
	 * this command is not reachable in production builds. */
	for(count = 0; count < 100000; count++)
		update_db_gold();
	/* Unconditional return: the logic below is dead code. */
	return;
... more logic ...
}