[Scummvm-tracker] [ScummVM :: Bugs] #15508: SCUMM: COMI: Invalid read in thumbnail when saving game

ScummVM :: Bugs trac at scummvm.org
Sun Nov 17 17:22:53 UTC 2024


#15508: SCUMM: COMI: Invalid read in thumbnail when saving game
----------------------------+---------------------------
Reporter:  eriktorbjorn     |      Owner:  (none)
    Type:  defect           |     Status:  new
Priority:  normal           |  Component:  Engine: SCUMM
 Version:                   |   Keywords:
    Game:  Monkey Island 3  |
----------------------------+---------------------------
 When I save in The Curse of Monkey Island, using the original save dialog,
 I get the following Valgrind warning:

 {{{
 ==118179== Invalid read of size 4
 ==118179==    at 0x2B9ABD6: Scumm::ScummEngine_v8::fetchScummVMSaveStateThumbnail(int, bool, int) (saveload.cpp:528)
 ==118179==    by 0x2B9A43E: Scumm::ScummEngine_v8::stampScreenShot(int, int, int, int, int, int) (saveload.cpp:373)
 ==118179==    by 0x2B9A279: Scumm::ScummEngine_v8::stampShotDequeue() (saveload.cpp:336)
 ==118179==    by 0x2BF4CA9: Scumm::ScummEngine::scummLoop(int) (scumm.cpp:2938)
 ==118179==    by 0x2BF3CCE: Scumm::ScummEngine::go() (scumm.cpp:2606)
 ==118179==    by 0x2A6C685: Scumm::ScummEngine::run() (scumm.h:585)
 ==118179==    by 0x2A3828B: runGame(Plugin const*, OSystem&, DetectedGame const&, void const*) (main.cpp:311)
 ==118179==    by 0x2A3A695: scummvm_main (main.cpp:796)
 ==118179==    by 0x2A35341: main (posix-main.cpp:44)
 ==118179==  Address 0x25a92d3e is 38,398 bytes inside a block of size 38,400 alloc'd
 ==118179==    at 0xA1E09F3: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
 ==118179==    by 0x72C8260: Graphics::Surface::create(short, short, Graphics::PixelFormat const&) (surface.cpp:79)
 ==118179==    by 0x72DDF0E: Graphics::loadThumbnail(Common::SeekableReadStream&, Graphics::Surface*&, bool) (thumbnail.cpp:179)
 ==118179==    by 0x2B9AB34: Scumm::ScummEngine_v8::fetchScummVMSaveStateThumbnail(int, bool, int) (saveload.cpp:516)
 ==118179==    by 0x2B9A43E: Scumm::ScummEngine_v8::stampScreenShot(int, int, int, int, int, int) (saveload.cpp:373)
 ==118179==    by 0x2B9A279: Scumm::ScummEngine_v8::stampShotDequeue() (saveload.cpp:336)
 ==118179==    by 0x2BF4CA9: Scumm::ScummEngine::scummLoop(int) (scumm.cpp:2938)
 ==118179==    by 0x2BF3CCE: Scumm::ScummEngine::go() (scumm.cpp:2606)
 ==118179==    by 0x2A6C685: Scumm::ScummEngine::run() (scumm.h:585)
 ==118179==    by 0x2A3828B: runGame(Plugin const*, OSystem&, DetectedGame const&, void const*) (main.cpp:311)
 ==118179==    by 0x2A3A695: scummvm_main (main.cpp:796)
 ==118179==    by 0x2A35341: main (posix-main.cpp:44)
 }}}

 I think what may be happening here is that it's reading the last two bytes
 of the thumbnail buffer, four bytes at a time?
-- 
Ticket URL: <https://bugs.scummvm.org/ticket/15508>
ScummVM :: Bugs <https://bugs.scummvm.org>
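The reporter's hypothesis (a 4-byte load landing on the last 2 bytes of a 16-bit-per-pixel thumbnail) next to a bounds-checked 16-bit read, as a constructed C example that is not ScummVM code. Only the 38,400-byte block, the 38,398-byte offset and the 4-byte read size come from the Valgrind trace; the 160x120 geometry, the function names and the per-pixel access pattern are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>

/* Assumed thumbnail geometry that yields the 38,400-byte block in the
   report: 160x120 pixels at 2 bytes per pixel (hypothetical dimensions). */
#define THUMB_W 160
#define THUMB_H 120
#define THUMB_BPP 2
#define THUMB_BYTES (THUMB_W * THUMB_H * THUMB_BPP)

/* Bytes that a read of read_size at offset would spill past a block_size
   allocation; 0 means the read stays inside the block. */
size_t overread_bytes(size_t offset, size_t read_size, size_t block_size) {
    if (offset >= block_size) return read_size;
    size_t avail = block_size - offset;
    return read_size > avail ? read_size - avail : 0;
}

/* Suspected pattern: loading a 16-bit pixel with a 32-bit read. On the last
   pixel the load starts 2 bytes before the end of the block and spills 2
   bytes past it. This only reports the spill; it never performs the read. */
size_t wide_load_overread(int x, int y) {
    size_t offset = ((size_t)y * THUMB_W + x) * THUMB_BPP;
    return overread_bytes(offset, sizeof(uint32_t), THUMB_BYTES);
}

/* Hardened read: exactly one 16-bit pixel via memcpy (no alignment
   assumptions), refused when the coordinates or the read fall outside buf. */
bool read_pixel16(const uint8_t *buf, size_t buf_size, int x, int y, uint16_t *out) {
    if (x < 0 || y < 0 || x >= THUMB_W || y >= THUMB_H) return false;
    size_t offset = ((size_t)y * THUMB_W + x) * THUMB_BPP;
    if (overread_bytes(offset, sizeof(uint16_t), buf_size) != 0) return false;
    memcpy(out, buf + offset, sizeof(uint16_t));
    return true;
}

/* Constructed buffer: last pixel set to 0x5a5a (endian-neutral), then read
   back through the checked path. Returns -1 if the read is refused. */
int demo_last_pixel(void) {
    static uint8_t thumb[THUMB_BYTES];
    memset(thumb, 0, sizeof thumb);
    thumb[THUMB_BYTES - 2] = 0x5a;
    thumb[THUMB_BYTES - 1] = 0x5a;
    uint16_t px = 0;
    if (!read_pixel16(thumb, sizeof thumb, THUMB_W - 1, THUMB_H - 1, &px)) return -1;
    return (int)px;
}
```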