Bug#592020: openarena-server: game logic crashes on some player quit/death events

Simon McVittie smcv at debian.org
Fri Aug 6 23:23:24 UTC 2010 

Package: openarena-server
Version: 0.8.5-2
Severity: important
Tags: upstream patch pending

When a player is killed or leaves the server before the "enemy" struct member
has been set, the openarena game logic can dereference an invalid pointer and
(at least when running as native code) crash.

This is most easily reproduced by running a dedicated server, joining it with
a client, and leaving immediately. The departing player is counted as a
suicide and the dedicated server crashes.

This can be fixed by applying an upstream patch from after the 0.8.5 release;
see attached.

    Simon

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openarena depends on:
ii  libc6                   2.11.2-2         Embedded GNU C Library: Shared lib
ii  libcurl3-gnutls         7.21.0-1         Multi-protocol file transfer libra
ii  libgl1-mesa-glx [libgl1 7.7.1-4          A free implementation of the OpenG
ii  libogg0                 1.2.0~dfsg-1     Ogg bitstream library
ii  libopenal1              1:1.12.854-2     Software implementation of the Ope
ii  libsdl1.2debian         1.2.14-6         Simple DirectMedia Layer
ii  libspeex1               1.2~rc1-1        The Speex codec runtime library
ii  libspeexdsp1            1.2~rc1-1        The Speex extended runtime library
ii  libvorbis0a             1.3.1-1          The Vorbis General Audio Compressi
ii  libvorbisfile3          1.3.1-1          The Vorbis General Audio Compressi
ii  openarena-data          0.8.5-2          OpenArena game data
ii  openarena-server        0.8.5-3          server and game logic for the game
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

openarena recommends no packages.

openarena suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0039-Used-self-enemy-before-it-was-initialized.-Might-hav.patch
Type: text/x-diff
Size: 1324 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-games-devel/attachments/20100807/74c4058a/attachment.patch>

More information about the Pkg-games-devel mailing list