Opened 3 years ago
Last modified 3 years ago
#12856 closed defect
SUPERNOVA: Buffer overflow when speaking to NPC in Palace of Culture — at Initial Version
| Reported by: | criezy | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | Engine: Supernova |
| Version: | | Keywords: | |
| Cc: | | Game: | Mission Supernova Teil 2: Der Doppelgänger |
Description
Here is the information provided by Address Sanitizer:
```
==33230==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00010caab00c at pc 0x000106112584 bp 0x00016fa6a390 sp 0x00016fa6a388
READ of size 4 at 0x00010caab00c thread T0
    #0 0x106112580 in Supernova::GameManager::dialog(int, unsigned char*, int*, int) game-manager.cpp:642
    #1 0x1060b5410 in Supernova::CulturePalace::interact(Supernova::Action, Supernova::Object&, Supernova::Object&)+0x328 (scummvm:arm64+0x105d25410)
    #2 0x106141c38 in Supernova::GameManager2::handleInput()+0x5c0 (scummvm:arm64+0x105db1c38)
    #3 0x106143634 in Supernova::GameManager2::executeRoom()+0x448 (scummvm:arm64+0x105db3634)
    #4 0x10614df98 in Supernova::SupernovaEngine::run() supernova.cpp:118
    #5 0x10040e990 in runGame(Plugin const*, Plugin const*, OSystem&, Common::String const&) main.cpp:311
    #6 0x100409a54 in scummvm_main main.cpp:618
    #7 0x1004010d0 in main macosx-main.cpp:45
    #8 0x18b09d42c in start+0x0 (libdyld.dylib:arm64e+0x1842c)

0x00010caab00c is located 52 bytes to the left of global variable 'dials1' defined in 'engines/supernova/supernova2/rooms.cpp:844:14' (0x10caab040) of size 3
0x00010caab00c is located 0 bytes to the right of global variable 'dial1' defined in 'engines/supernova/supernova2/rooms.cpp:839:13' (0x10caab000) of size 12
```
This is on a Mac M1 with current master (18ee050adf).
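Added illustration, not the reporter's or ScummVM's code: a minimal C reconstruction of the bug shape the sanitizer report describes (a 4-byte read landing 0 bytes past a 12-byte global, i.e. element 3 of a 3-int array), next to a bounds-checked lookup and a small helper that turns the report's numbers into the offending index. Only the global names `dial1` and `dials1` come from the report; their contents, the function names and the index value are assumptions.

```c
// Added example (not ScummVM code): a minimal reconstruction of the bug shape
// that the AddressSanitizer report above describes.  ASan says a 4-byte READ hit
// the address 0 bytes to the right of the global 'dial1' (size 12 = 3 ints), so
// some caller passed a dialog index of 3 into an array that only has 0..2.
// Names and contents below are constructed; they are not the engine's real data.
#include <stdio.h>
#include <stddef.h>

#define DIAL1_LEN 3
static int dial1[DIAL1_LEN] = {101, 102, 103};   // 12 bytes, like the real 'dial1'
unsigned char dials1[3] = {1, 1, 1};              // neighbouring global, as in the report

/* Vulnerable shape: trusts 'choice' and reads dial1[choice].  With choice == 3 the
 * load lands on the first bytes past the array, which is what ASan flagged as
 * "global-buffer-overflow ... 0 bytes to the right of global variable 'dial1'". */
int dialog_unchecked(int choice) {
    return dial1[choice];
}

/* Hardened shape: validate the index against the array length before the load
 * and report the failure to the caller instead of reading out of bounds. */
int dialog_checked(int choice, int *out) {
    if (choice < 0 || choice >= DIAL1_LEN)
        return 0;                 /* 0 = rejected, nothing read */
    *out = dial1[choice];
    return 1;
}

/* Helper that turns the numbers in an ASan global-buffer-overflow line into the
 * offending element index: element = (var_size + bytes_right_of_var) / access_size. */
int asan_element_index(size_t var_size, size_t bytes_right, size_t access_size) {
    return (int)((var_size + bytes_right) / access_size);
}

int main(void) {
    int v;
    printf("index from the report: %d\n", asan_element_index(12, 0, 4)); /* 3 */
    printf("checked lookup of 3 accepted? %d\n", dialog_checked(3, &v));  /* 0 */
    if (dialog_checked(1, &v))
        printf("dial1[1] = %d\n", v);
    return 0;
}
```

Building the checked version with `-fsanitize=address` and calling it with index 3 produces no report, because the load never happens.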