[Scummvm-git-logs] scummvm master -> ec677b3fe9eafe5de2a36e50efb44e1384150820

[digitall]

This automated email contains information about 1 new commit which have been
pushed to the 'scummvm' repo located at https://github.com/scummvm/scummvm .

Summary:
ec677b3fe9 HDB: Fix Crash on Invalid Sound String Pointers


Commit: ec677b3fe9eafe5de2a36e50efb44e1384150820
    https://github.com/scummvm/scummvm/commit/ec677b3fe9eafe5de2a36e50efb44e1384150820
Author: D G Turner (digitall at scummvm.org)
Date: 2019-09-13T20:14:22+01:00

Commit Message:
HDB: Fix Crash on Invalid Sound String Pointers

This was causing a crash with buffer overflow on Windows builds, but
diagnosing with Valgrind showed invalid strings being accessed in the
sound code. Some analysis showed that these were mainly the reference
to c_str() buffers from a local heap Common::String which was out of
scope and thus destructed, giving an invalid pointer.

The fix here also simplifies the code as well as avoiding this issue.

Changed paths:
    engines/hdb/sound.cpp


diff --git a/engines/hdb/sound.cpp b/engines/hdb/sound.cpp
index 0f8fc8d..d2c2796 100644
--- a/engines/hdb/sound.cpp
+++ b/engines/hdb/sound.cpp
@@ -1755,14 +1755,11 @@ void Sound::stopMusic() {
 }
 
 void Sound::beginMusic(SoundType song, bool fadeIn, int ramp) {
-	const char *songName = nullptr;
+	Common::String songName(soundList[song].name);
 
 	if (g_hdb->getPlatform() == Common::kPlatformLinux) {
-		Common::String updatedName(soundList[song].name);
-		updatedName.replace(updatedName.begin() + updatedName.size() - 4, updatedName.end(), ".ogg");
-		songName = updatedName.c_str();
-	} else
-		songName = soundList[song].name;
+		songName.replace(songName.begin() + songName.size() - 4, songName.end(), ".ogg");
+	}
 
 	if (g_hdb->isPPC()) {
 		switch (song) {