[Scummvm-cvs-logs] SF.net SVN: scummvm:[40963] scummvm/trunk/engines/sci/engine/vm.cpp

wjpalenstijn at users.sourceforge.net
Thu May 28 21:18:29 CEST 2009


Revision: 40963
          http://scummvm.svn.sourceforge.net/scummvm/?rev=40963&view=rev
Author:   wjpalenstijn
Date:     2009-05-28 19:18:29 +0000 (Thu, 28 May 2009)

Log Message:
-----------
SCI: Fix potential dangling pointer after reallocation

Modified Paths:
--------------
    scummvm/trunk/engines/sci/engine/vm.cpp

Modified: scummvm/trunk/engines/sci/engine/vm.cpp
===================================================================
--- scummvm/trunk/engines/sci/engine/vm.cpp	2009-05-28 16:23:59 UTC (rev 40962)
+++ scummvm/trunk/engines/sci/engine/vm.cpp	2009-05-28 19:18:29 UTC (rev 40963)
@@ -506,10 +506,6 @@
 	xstack.type = EXEC_STACK_TYPE_CALL; // Normal call
 
 	s->_executionStack.push_back(xstack);
-	// FIXME: push_back can cause the storage of _executionStack to be reallocated.
-	// As a result, any pointers to a member of _executionStack becomes invalid.
-	// This can cause severe breakage since run_vm does exactly that...
-
 	return &(s->_executionStack.back());
 }
 
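Review bot: Dropping the FIXME removes the only warning that the pointer returned by `return &(s->_executionStack.back());` is itself invalidated by the next `push_back` on `_executionStack`, so the hazard the comment described still exists for any caller that keeps the returned pointer (or any earlier pointer into the container) across a later call. Suggest replacing the FIXME with a short note at the return, or in the function's header comment, stating that the result is only valid until `_executionStack` is next modified, so the lifetime rule stays visible to future callers rather than being documented only at the one call site fixed in this commit.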
@@ -978,13 +974,15 @@
 			int argc = (opparams[1] >> 1) // Given as offset, but we need count
 			           + 1 + restadjust;
 			StackPtr call_base = xs->sp - argc;
-
+			StackPtr cur_sp = xs->sp;
 			xs->sp[1].offset += restadjust;
+			xs->sp = call_base;
+
+			// NB: add_exec_stack_entry can re-allocate the execution stacks
 			xs_new = add_exec_stack_entry(s, make_reg(xs->addr.pc.segment, xs->addr.pc.offset + opparams[0]),
-			                              xs->sp, xs->objp, (validate_arithmetic(*call_base)) + restadjust,
+			                              cur_sp, xs->objp, (validate_arithmetic(*call_base)) + restadjust,
 			                              call_base, NULL_SELECTOR, xs->objp, s->_executionStack.size()-1, xs->local_segment);
 			restadjust = 0; // Used up the &rest adjustment
-			xs->sp = call_base;
 
 			s->_executionStackPosChanged = true;
 			break;
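Review bot: The reordering is sound as far as this hunk shows: every read of `xs` (`xs->addr.pc`, `xs->objp`, `xs->local_segment`, and the new `cur_sp` copy of `xs->sp`) is now evaluated in the argument list before `add_exec_stack_entry` runs, and the former post-call write `xs->sp = call_base;` has moved ahead of the call, so no access goes through `xs` after the container may have been reallocated. Two small suggestions: make the `// NB:` comment say explicitly that `xs` must not be touched after this line and that `xs_new` is the only valid pointer from here on, and consider null-ing `xs` immediately after the call so an accidental later use in this case fails loudly instead of reading freed storage; note also that `xs->sp[1].offset += restadjust;` relies on being ordered before `xs->sp = call_base;`, which the new layout preserves but does not document.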

