ROM checklist for MUDs

Verify that all pointer-to-integer casts in comm.c and act_wiz.c are updated to use intptr_t to prevent segmentation faults on 64-bit Linux hosts.

Compile using -Wall -Wextra flags and resolve all 'format-security' and 'unused-result' warnings to prevent runtime crashes during string processing.

Ensure the Makefile explicitly links against -lcrypt and that the code includes <crypt.h> to support modern glibc implementations of password hashing.

Set the /area, /player, and /gods directories to 750 permissions and ensure the binary does not run as the root user.

Test the 'startup' shell script to ensure it correctly rotates log files and auto-restarts the process upon a crash.

Replace the legacy DES-based crypt() with SHA-256 or Blowfish hashing within save.c to protect player credentials.

Verify that sensitive commands like 'shutdown', 'reboot', and 'ban' are restricted to level 60 (Implementor) in interp.c.

Review read_from_buffer in comm.c to ensure input lengths are capped at MAX_INPUT_LENGTH before being processed.

Verify that the 'ban' command correctly writes to the ban.txt file and blocks connections from specified CIDR blocks at the socket level.

Configure check_reconnect in comm.c to prevent or alert when multiple logins originate from the same IP address.

Run a boot-time check to ensure no duplicate VNUMs exist across different .are files and that all exits lead to valid room VNUMs.

Implement a 'backup' directory logic in save.c that retains the previous version of a player file before overwriting it during a save.

Verify that every skill, spell, and command defined in const.c and interp.c has a corresponding entry in help.are.

Check area reset headers to ensure mobiles and objects are not set to load in quantities that exceed MAX_MOB or MAX_OBJ limits.

Verify that the socials.are file is correctly formatted and that no social command shares a name with a combat skill.

Execute a copyover and verify that descriptors are successfully passed to the new process without disconnecting active players.

Test using MUSHclient to ensure the server correctly handles NAWS (Window Size) and TTYPE (Terminal Type) sequences.

Run the codebase through Valgrind for 30 minutes of active play to identify leaks in recycle.c or mobile programs.

Verify that MAX_CLIENTS is set in merc.h and that the server rejects new connections gracefully when the limit is reached.

Ensure large outputs (like 'who' or 'map') are paginated via the show_page function to prevent socket buffer saturation.

Check handler.c to ensure that 'train' and 'perm_stat' calls cannot exceed the maximums defined in the pc_race_table.

Test level 1, 25, and 50 mob kills to ensure the exp_compute function does not grant unintended levels of experience.

Review 'haste' and 'sanctuary' in magic.c to ensure they do not stack or provide unintended multipliers in PvP combat.

Verify that wear_obj in act_obj.c correctly prevents players from using items with a level requirement higher than their current level.

Test the 'corpse' loading logic to ensure items are correctly transferred to the corpse and that the corpse VNUM is valid.