Skip to content

Fix dangling pointer in mapthing after removing mobj

Hanicef requested to merge Hanicef/SRB2:fix-spawnpoint-dangling-mobj into next

When a mobj that is spawned by a mapthing is removed, the corresponding mobj pointer inside the mapthing is not cleared. This can, in some rare cases, cause segfaults to trigger. One such case where this can happen is when bosses try to find their flying point after being destroyed, where P_FindBossFlyPoint starts to iterate through all mapthings to find where to fly next. If one of the corresponding mobjs in the list is dangling, it might trigger a segfault when the mobj is dereferenced.

Merge request reports

Loading