[Scummvm-tracker] [ScummVM :: Bugs] #12856: SUPERNOVA: Buffer overflow when speaking to NPC in Palace of Culture
ScummVM :: Bugs
trac at scummvm.org
Sat Aug 28 21:22:03 UTC 2021
#12856: SUPERNOVA: Buffer overflow when speaking to NPC in Palace of Culture
-------------------------------------------------+-------------------------
 Reporter:  criezy                               |      Owner:  (none)
     Type:  defect                               |     Status:  new
 Priority:  normal                               |  Component:  Engine: Supernova
  Version:                                       |   Keywords:
     Game:  Mission Supernova Teil 2: Der        |
            Doppelgänger                         |
-------------------------------------------------+-------------------------
Here is the information provided by Address Sanitizer:
{{{
==33230==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00010caab00c at pc 0x000106112584 bp 0x00016fa6a390 sp 0x00016fa6a388
READ of size 4 at 0x00010caab00c thread T0
    #0 0x106112580 in Supernova::GameManager::dialog(int, unsigned char*, int*, int) game-manager.cpp:642
    #1 0x1060b5410 in Supernova::CulturePalace::interact(Supernova::Action, Supernova::Object&, Supernova::Object&)+0x328 (scummvm:arm64+0x105d25410)
    #2 0x106141c38 in Supernova::GameManager2::handleInput()+0x5c0 (scummvm:arm64+0x105db1c38)
    #3 0x106143634 in Supernova::GameManager2::executeRoom()+0x448 (scummvm:arm64+0x105db3634)
    #4 0x10614df98 in Supernova::SupernovaEngine::run() supernova.cpp:118
    #5 0x10040e990 in runGame(Plugin const*, Plugin const*, OSystem&, Common::String const&) main.cpp:311
    #6 0x100409a54 in scummvm_main main.cpp:618
    #7 0x1004010d0 in main macosx-main.cpp:45
    #8 0x18b09d42c in start+0x0 (libdyld.dylib:arm64e+0x1842c)
0x00010caab00c is located 52 bytes to the left of global variable 'dials1' defined in 'engines/supernova/supernova2/rooms.cpp:844:14' (0x10caab040) of size 3
0x00010caab00c is located 0 bytes to the right of global variable 'dial1' defined in 'engines/supernova/supernova2/rooms.cpp:839:13' (0x10caab000) of size 12
}}}
This is on a Mac M1 with current master (18ee050adf).
--
Ticket URL: <https://bugs.scummvm.org/ticket/12856>
ScummVM :: Bugs <https://bugs.scummvm.org>