Context Navigation

← Previous Ticket
Next Ticket →

#12730 closed defect (fixed)

AGS: Crash when starting Kathy Rain

Reported by:	criezy	Owned by:	dreammaster
Priority:	normal	Component:	Engine: AGS
Version:		Keywords:
Cc:		Game:

Description

When starting Kathy Rain I get a crash with a buffer overflow:

==6016==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x00011677c7b8 at pc 0x0001005d9198 bp 0x00016f98fe00 sp 0x00016f98fdf8
READ of size 1 at 0x00011677c7b8 thread T0
    #0 0x1005d9194 in AGS3::utf8_getc(char const*) unicode.cpp:59
    #1 0x1005dead0 in AGS3::ustrlwr(char*) unicode.cpp:1143
    #2 0x100995640 in AGS3::StrContains(char const*, char const*)+0x68 (scummvm:arm64+0x10052d640)
    #3 0x100997638 in AGS3::Sc_StrContains(void*, AGS3::RuntimeScriptValue const*, int)+0x210 (scummvm:arm64+0x10052f638)
    #4 0x100ae3e98 in AGS3::ccInstance::Run(int) cc_instance.cpp:1007
    #5 0x100adcad0 in AGS3::ccInstance::CallScriptFunction(char const*, int, AGS3::RuntimeScriptValue const*) cc_instance.cpp:340
    #6 0x100aff8fc in AGS3::RunScriptFunctionIfExists(AGS3::ccInstance*, char const*, int, AGS3::RuntimeScriptValue const*) script.cpp:365
    #7 0x100afe478 in AGS3::RunTextScript(AGS3::ccInstance*, char const*) script.cpp:414
    #8 0x100a9f1f4 in AGS3::start_game() game_start.cpp:88
    #9 0x100a9f7f0 in AGS3::initialize_start_and_play_game(int, int) game_start.cpp:124
    #10 0x100a817e4 in AGS3::initialize_engine(AGS3::std::map<AGS3::AGS::Shared::String, AGS3::std::map<AGS3::AGS::Shared::String, AGS3::AGS::Shared::String, Common::Less<AGS3::AGS::Shared::String> >, Common::Less<AGS3::AGS::Shared::String> > const&) engine.cpp:1247
    #11 0x10057a21c in AGS::AGSEngine::run() ags.cpp:183

This is with up to date code from master on macOS. The game is from Steam.

Change History (2)

comment:1 by criezy, 3 years ago

I did a git bisect and the regression was introduced by

commit 656659d488a06a34d3756204ead6ed3c9d9f48de
Author: Paul Gilbert <dreammaster@scummvm.org>
Date:   Thu Jul 8 22:15:03 2021 -0700

    AGS: Unicode-aware script String API implementation
    
    From upstream f658f6316dd562b28e8b206f3ef3cedebf3626c0

comment:2 by dreammaster, 3 years ago

Owner:	set to dreammaster
Resolution:	→ fixed
Status:	new → closed

Tracked down the problem. The set_uformat needed to be implemented to "slot in" ASCII string manipulation methods when dealing with ASCII strings

Note: See TracTickets for help on using tickets.

Download in other formats: