[Scummvm-tracker] [ScummVM :: Bugs] #13777: Unaligned memory access in IMuseDigital

[ScummVM :: Bugs]

#13777: Unaligned memory access in IMuseDigital
--------------------+---------------------------
Reporter:  kreudom  |      Owner:  (none)
    Type:  patch    |     Status:  new
Priority:  normal   |  Component:  Engine: SCUMM
 Version:           |   Keywords:
    Game:           |
--------------------+---------------------------
 It is possible that the mapCurPos pointer in
 IMuseDigital::dispatchConvertMap is cast to int32* and then written to
 while not properly aligned.

 I discovered the bug while trying to run The Curse of Monkey Island on my
 build of version 2.6.0 for the 3DS. Starting the game immediately results
 in a crash before the first menu of the game can be shown. This also
 occurs when building from the master branch.

 Debugging revealed that this crash happens due to an unaligned write in
 IMuseDigital::dispatchConvertMap. The pointer mapCurPos can become
 unaligned if rawMap contains a TEXT block with a length that is not
 divisible by 4.

 Replacing the pointer cast and assigment with memcpy resolves the issue
 and lets me start the game regularly. When compiling for the 3DS, the
 memcpy calls are optimized out, therefore I assume this should not
 noticeably impact performance.

 I did not check if there are any other alignment issues in the surrounding
 code. I also did not check if it is correct to assume that the arguments
 to dispatchConvertMap are always correctly aligned.

 I will attach my patch for your convenience.
-- 
Ticket URL: <https://bugs.scummvm.org/ticket/13777>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM