From b37d0af41e6ebd4cda8eff4fc78d3f7f14141924 Mon Sep 17 00:00:00 2001
From: PatR <rankin@nethack.org>
Date: Sat, 14 Sep 2024 16:34:22 -0700
Subject: [PATCH] dipping fix

If you used 'm #dip' to skip being asked about dipping into a
fountain, sink, or pool and go directly to being prompted for which
potion to dip something into, formatting for the thing being dipped
was skipped.  If 'verbose' was On, an uninitialized buffer was
inserted into "dip [] into?" for use by getobj().  Could cause a
crash (prior to a commit made earlier today) but if it didn't, it
would only be noticable to players who leave 'force_invmenu' Off.
---
 src/potion.c | 41 ++++++++++++++++++++---------------------
 1 file changed, 20 insertions(+), 21 deletions(-)

diff --git a/src/potion.c b/src/potion.c
index 25e5e4f0c..68c9d165e 100644
--- a/src/potion.c
+++ b/src/potion.c
@@ -1,4 +1,4 @@
-/* NetHack 3.7	potion.c	$NHDT-Date: 1716668700 2024/05/25 20:25:00 $  $NHDT-Branch: NetHack-3.7 $:$NHDT-Revision: 1.265 $ */
+/* NetHack 3.7	potion.c	$NHDT-Date: 1726356849 2024/09/14 23:34:09 $  $NHDT-Branch: NetHack-3.7 $:$NHDT-Revision: 1.270 $ */
 /* Copyright (c) Stichting Mathematisch Centrum, Amsterdam, 1985. */
 /*-Copyright (c) Robert Patrick Rankin, 2013. */
 /* NetHack may be freely redistributed.  See license for details. */
@@ -2261,29 +2261,28 @@ dodip(void)
     shortestname = (is_hands || is_plural(obj) || pair_of(obj)) ? "them"
                                                                 : "it";
     drink_ok_extra = 0;
+    /*
+     * Bypass safe_qbuf() since it doesn't handle varying suffix without
+     * an awful lot of support work.  Format the object once, even though
+     * the fountain and pool prompts offer a lot more room for it.
+     * 3.6.0 used thesimpleoname() unconditionally, which posed no risk
+     * of buffer overflow but drew bug reports because it omits user-
+     * supplied type name.
+     * getobj: "What do you want to dip <the object> into? [xyz or ?*] "
+     */
+    if (is_hands) {
+        Snprintf(obuf, sizeof obuf, "your %s", makeplural(body_part(HAND)));
+    } else {
+        Strcpy(obuf, short_oname(obj, doname, thesimpleoname,
+                                 /* 128 - (24 + 54 + 1) leaves 49 for
+                                    <object> */
+                                 QBUFSZ - sizeof "What do you want to dip\
+ into? [abdeghjkmnpqstvwyzBCEFHIKLNOQRTUWXZ#-# or ?*] "));
+    }
+
     /* preceding #dip with 'm' skips the possibility of dipping into pools,
        fountains, and sinks plus the extra prompting which those entail */
     if (!iflags.menu_requested) {
-        /*
-         * Bypass safe_qbuf() since it doesn't handle varying suffix without
-         * an awful lot of support work.  Format the object once, even though
-         * the fountain and pool prompts offer a lot more room for it.
-         * 3.6.0 used thesimpleoname() unconditionally, which posed no risk
-         * of buffer overflow but drew bug reports because it omits user-
-         * supplied type name.
-         * getobj: "What do you want to dip <the object> into? [xyz or ?*] "
-         */
-        if (is_hands) {
-            Snprintf(obuf, sizeof(obuf), "your %s",
-                     makeplural(body_part(HAND)));
-        } else {
-            Strcpy(obuf, short_oname(obj, doname, thesimpleoname,
-                                     /* 128 - (24 + 54 + 1) leaves 49 for
-                                        <object> */
-                                     QBUFSZ - sizeof "What do you want to dip\
- into? [abdeghjkmnpqstvwyzBCEFHIKLNOQRTUWXZ#-# or ?*] "));
-        }
-
         /* Is there a fountain to dip into here? */
         if (!can_reach_floor(FALSE)) {
             ; /* can't dip something into fountain or pool if can't reach */