A peer-supplied player_nr can target a player slot the current game
has not filled (slots 2..14 in the default starter map). The four
deref sites in nwc_auth_player_t::execute trusted the slot and
crashed the server with one 33-byte packet from any TCP-connected
peer. Null-guard locally; the silent-fail path matches the existing
"wrong password on a real slot" reply shape, so no wire change.
Thanks again, incorporated