[Scummvm-tracker] [ScummVM :: Bugs] #12258: AGS: Buffer overflow in AdLib driver at the start of Black Cauldron
ScummVM :: Bugs
trac at scummvm.org
Wed Mar 3 22:32:46 UTC 2021
#12258: AGS: Buffer overflow in AdLib driver at the start of Black Cauldron
-------------------+--------------------------
Reporter: criezy | Owner: (none)
Type: defect | Status: new
Priority: normal | Component: Engine: AGS
Version: | Resolution:
Keywords: | Game:
-------------------+--------------------------
Comment (by criezy):
The issue occurs when trying to play the music1.mid file. The file plays
without error in VLC.
Changing the preferred audio device to use FluidSynth or Apple DLS Synth
instead of the default also plays this properly. So the issue might be in
the MidiDriver_ADLIB itself and not in AGS or the game data.
Maybe we just need to add a sanity check:
{{{#!diff
--- a/audio/adlib.cpp
+++ b/audio/adlib.cpp
@@ -1917,8 +1917,10 @@ void MidiDriver_ADLIB::adlibPlayNote(int channel,
int note) {
}
i = (notex << 3) + ((note >> 4) & 0x7);
- adlibWrite(channel + 0xA0, g_noteFrequencies[i]);
- adlibWrite(channel + 0xB0, oct | 0x20);
+ if (i >= 0 && i < sizeof(g_noteFrequencies)) {
+ adlibWrite(channel + 0xA0, g_noteFrequencies[i]);
+ adlibWrite(channel + 0xB0, oct | 0x20);
+ }
}
}}}
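Review bot: In the added `if` condition, `sizeof(g_noteFrequencies)` is the size of the array in bytes, not its number of elements, so the upper bound is only right if each entry is one byte wide; with wider entries it would still let an out-of-range `i` through. Writing the bound as `sizeof(g_noteFrequencies) / sizeof(g_noteFrequencies[0])` makes the check independent of the element type. The guard also drops both `adlibWrite()` calls silently when `i` is out of range, so logging a warning with the offending `note` value in that case would show which inputs reach this point and help decide whether the check belongs earlier in the call chain.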
Or should the case where `note == 0` be handled before we get there, such
as in `AdLibPart::noteOn()`?
--
Ticket URL: <https://bugs.scummvm.org/ticket/12258#comment:2>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM