From 1980d9ea31e969c5b604f6ee01693cbcfc2c795a Mon Sep 17 00:00:00 2001 From: Rogier Date: Sun, 6 Nov 2016 16:18:29 +0100 Subject: [PATCH] Fix crash when attached object no longer exists Active objects that are attached to other objects are not safe from deletion. As a result, the parent object may have a reference to an id of a child's that no longer exists. If at some point an attempt is made to manipulate the child, enviromment->getActiveObject(child-id) returns NULL. Using the NULL pointer causes the crash... --- src/script/lua_api/l_object.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/script/lua_api/l_object.cpp b/src/script/lua_api/l_object.cpp index 42395717f..2a8b8a64e 100644 --- a/src/script/lua_api/l_object.cpp +++ b/src/script/lua_api/l_object.cpp @@ -140,8 +140,9 @@ int ObjectRef::l_remove(lua_State *L) UNORDERED_SET child_ids = co->getAttachmentChildIds(); UNORDERED_SET::iterator it; for (it = child_ids.begin(); it != child_ids.end(); ++it) { - ServerActiveObject *child = env->getActiveObject(*it); - child->setAttachment(0, "", v3f(0, 0, 0), v3f(0, 0, 0)); + // Child can be NULL if it was deleted earlier + if (ServerActiveObject *child = env->getActiveObject(*it)) + child->setAttachment(0, "", v3f(0, 0, 0), v3f(0, 0, 0)); } verbosestream<<"ObjectRef::l_remove(): id="<getId()<