The AddBarrel function was not checking the type of the barrel when
generating the oVar2. This led to skeletons being pre-spawned in
explosive barrels; except that explosive barrels do not trigger the
spawn, resulting in unreachable monsters sitting at (0, 0) even after a
full clear.

While this does not affect functionality of regular Diablo gameplay, it
potentially affects modders who would like to use the nummonsters
global variable to check for full clears.

If `dObject[dx][dy]` is zero, then `pn = -1`, which causes an
out-of-bounds access to object. If the memory `object[-1]._otype`
is either 84 or 85, then the player is randomly teleported to the
location of the Vile Betrayer quest. This can be triggered either
by interacting with a holy shrine or by casting phasing.

"Wherever you go, there you are"

The current definition of MFILE_NONE is set to 255 (or -1 when
interpreted as a signed 8-bit integer). The definitions of missiles
without graphic animations use MFILE_NONE for the mFileNum field in
missiledata. This is problematic as it results in an out-of-bounds
access in SetMissAnim when accessing misfiledata for such a missile.

One such example is the Recharge Staff skill which does not use a
missile graphic animation and thus has _miAnimType set to MFILE_NONE.

The code path leading to out-of-bounds access after casting Recharge
is as follows: AddMissile -> SetMissDir -> SetMissAnim, which in turn
accesses misfiledata[animtype], i.e. misfiledata[255].
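
The out-of-bounds read described above comes from a sentinel value being used as an array index. The following C sketch is an added example, not code from the project: a simplified stand-in for the SetMissAnim lookup that range-checks the animation type before the table is touched. The struct layouts, the table contents, NUM_MFILES and the helper names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define MFILE_NONE 255   /* sentinel from the commit message: "no graphic" */
#define NUM_MFILES 3     /* constructed table size for this sketch */

struct MisFile { const char *name; int frames; };
struct Missile { int animtype; const char *anim_name; int anim_len; };

/* Constructed sample table standing in for misfiledata. */
static const struct MisFile misfile_table[NUM_MFILES] = {
    { "anim0", 16 }, { "anim1", 14 }, { "anim2", 8 },
};

/* The sentinel must never alias a real table slot. */
_Static_assert(MFILE_NONE >= NUM_MFILES, "MFILE_NONE collides with a table index");

/* Guarded analogue of the SetMissAnim lookup. Returns 1 when an animation
 * was attached, 0 when the missile has no graphic or the type is invalid.
 * One range check rejects both readings of the sentinel byte: 255 and -1. */
static int set_miss_anim(struct Missile *m, int animtype)
{
    m->animtype = animtype;
    m->anim_name = NULL;
    m->anim_len = 0;
    if (animtype < 0 || animtype >= NUM_MFILES)
        return 0;                       /* table is never indexed */
    m->anim_name = misfile_table[animtype].name;
    m->anim_len = misfile_table[animtype].frames;
    return 1;
}

/* Convenience wrapper: frame count for a type, 0 when there is none. */
static int anim_len_for(int animtype)
{
    struct Missile m;
    set_miss_anim(&m, animtype);
    return m.anim_len;
}

int main(void)
{
    printf("type 1          -> %d frames\n", anim_len_for(1));
    printf("MFILE_NONE      -> %d frames\n", anim_len_for(MFILE_NONE));
    printf("signed reading  -> %d frames\n", anim_len_for(-1));
    return 0;
}
```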

The issue here is probably very unlikely to trigger anything in-game, as
the first 4 monster array elements are reserved for golems. However,
after executing the body of the `if (mi != 0) { mi-- }` if-statement,
it is not possible to determine whether mi was 0 or 1 before executing
the body. This is relevant as the pack member check should only be
performed if mi was non-zero prior to executing the body of the
if-statement.

A fix may look something like the following:

    if (mi != 0) {
        mi--;
        // BUGFIX: should only run pack member check if mi was non-zero prior to executing the body of the above if-statement (fixed).
        if (monster[mi].leaderflag == 1
            && monster[mi].leader == i
            && monster[mi]._mfutx == x
            && monster[mi]._mfuty == y) {
            mcount++;
        }
    }

The dMonster array stores monster array index numbers + 1
(or the corresponding negative version -(index + 1)).
Prior to use, these must be decremented by 1.

Right now we update heroLevel only on "CreateGame" code. This
means you can't enter nightmare/hell game at all - unless you
do createGame first. Let's set the heroLevel global variable in both
create and join game cases.