Odd, I thought I had fixed that particular crash and committed the fix, but maybe I only fixed it on my own server and forgot to commit it.
The problem is that in the handling for hiring a merc in client_packet.cpp, it makes the call to LoadMerc(), and then spawns the merc without first making sure it actually got one returned. I highlighted the line below where the issue is. We just need an "if (merc)" added right below that line to prevent the crash.
Code:
void Client::Handle_OP_MercenaryHire(const EQApplicationPacket *app)
{
// The payload is 16 bytes. First four bytes are the Merc ID (Template ID)
if(app->size != sizeof(MercenaryMerchantRequest_Struct))
{
LogFile->write(EQEMuLog::Debug, "Size mismatch in OP_MercenaryHire expected %i got %i", sizeof(MercenaryMerchantRequest_Struct), app->size);
DumpPacket(app);
return;
}
MercenaryMerchantRequest_Struct* mmrq = (MercenaryMerchantRequest_Struct*) app->pBuffer;
uint32 merc_template_id = mmrq->MercID;
uint32 merchant_id = mmrq->MercMerchantID;
uint32 merc_unk1 = mmrq->MercUnk01;
uint32 merc_unk2 = mmrq->MercUnk02;
DumpPacket(app);
if(MERC_DEBUG > 0)
Message(7, "Mercenary Debug: Template ID (%i), Merchant ID (%i), Unknown1 (%i), Unknown2 (%i)", merc_template_id, merchant_id, merc_unk1, merc_unk2);
//HirePending = true;
SetHoTT(0);
SendTargetCommand(0);
MercTemplate* merc_template = zone->GetMercTemplate(merc_template_id);
if(merc_template) {
if (GetMercID()) {
// 6 - You must dismiss the mercenary before hiring a new one.
SendMercMerchantResponsePacket(6);
}
else
{
// 0 is approved hire request
SendMercMerchantResponsePacket(0);
// Set time remaining to max on Hire
GetEPP().mercTimerRemaining = RuleI(Mercs, UpkeepIntervalMS);
// Get merc, assign it to client & spawn
Merc* merc = Merc::LoadMerc(this, merc_template, merchant_id);
SpawnMerc(merc);
}
}
}