From: Rogier Date: Sun, 6 Nov 2016 15:18:29 +0000 (+0100) Subject: Fix crash when attached object no longer exists X-Git-Tag: 0.4.15~118 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1980d9ea31e969c5b604f6ee01693cbcfc2c795a;p=oweals%2Fminetest.git Fix crash when attached object no longer exists Active objects that are attached to other objects are not safe from deletion. As a result, the parent object may have a reference to an id of a child's that no longer exists. If at some point an attempt is made to manipulate the child, enviromment->getActiveObject(child-id) returns NULL. Using the NULL pointer causes the crash... --- diff --git a/src/script/lua_api/l_object.cpp b/src/script/lua_api/l_object.cpp index 42395717f..2a8b8a64e 100644 --- a/src/script/lua_api/l_object.cpp +++ b/src/script/lua_api/l_object.cpp @@ -140,8 +140,9 @@ int ObjectRef::l_remove(lua_State *L) UNORDERED_SET child_ids = co->getAttachmentChildIds(); UNORDERED_SET::iterator it; for (it = child_ids.begin(); it != child_ids.end(); ++it) { - ServerActiveObject *child = env->getActiveObject(*it); - child->setAttachment(0, "", v3f(0, 0, 0), v3f(0, 0, 0)); + // Child can be NULL if it was deleted earlier + if (ServerActiveObject *child = env->getActiveObject(*it)) + child->setAttachment(0, "", v3f(0, 0, 0), v3f(0, 0, 0)); } verbosestream<<"ObjectRef::l_remove(): id="<getId()<