From 08c252274ab3a5220cb0c9b5a79869b1c4f7d0d7 Mon Sep 17 00:00:00 2001
From: Christoph Oelckers <coelckers@users.noreply.github.com>
Date: Fri, 27 Jan 2017 12:02:47 +0100
Subject: [PATCH] - fixed issues with uninitialized RNGs and bad assumptions
 about corpse pointers always being fully initialized when being destroyed.

Both of these may be true when occuring during normal gameplay, but not during an exception unwind in the serializer, which caused crashes if ACS errored out due to mismatched scripts.
---
 src/g_shared/a_action.cpp | 24 ++++++++++++++----------
 src/m_random.cpp          |  2 ++
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/src/g_shared/a_action.cpp b/src/g_shared/a_action.cpp
index ddfd23268..aed8457f8 100644
--- a/src/g_shared/a_action.cpp
+++ b/src/g_shared/a_action.cpp
@@ -142,21 +142,25 @@ void DCorpsePointer::OnDestroy ()
 	TThinkerIterator<DCorpsePointer> iterator (STAT_CORPSEPOINTER);
 	DCorpsePointer *first = iterator.Next ();
 
-	int prevCount = first->Count;
-
-	if (first == this)
+	// During a serialization unwind the thinker list won't be available.
+	if (first != nullptr)
 	{
-		first = iterator.Next ();
-	}
+		int prevCount = first->Count;
 
-	if (first != NULL)
-	{
-		first->Count = prevCount - 1;
-	}
+		if (first == this)
+		{
+			first = iterator.Next();
+		}
 
+		if (first != NULL)
+		{
+			first->Count = prevCount - 1;
+		}
+
+	}
 	if (Corpse != NULL)
 	{
-		Corpse->Destroy ();
+		Corpse->Destroy();
 	}
 	Super::OnDestroy();
 }
diff --git a/src/m_random.cpp b/src/m_random.cpp
index 60ce12fd6..697bb173f 100644
--- a/src/m_random.cpp
+++ b/src/m_random.cpp
@@ -156,6 +156,7 @@ FRandom::FRandom ()
 #endif
 	Next = RNGList;
 	RNGList = this;
+	Init(0);
 }
 
 //==========================================================================
@@ -199,6 +200,7 @@ FRandom::FRandom (const char *name)
 
 	Next = probe;
 	*prev = this;
+	Init(0);
 }
 
 //==========================================================================