Comments (7)
Invalid read of size 4
at 0x14B115: PTR_AimTraverse (p_map.c:1202)
by 0x14D42C: P_TraverseIntercepts (p_maputl.c:643)
by 0x14C937: P_AimLineAttack (p_map.c:1407)
by 0x14F8E6: P_SpawnPlayerMissile (p_mobj.c:1502)
by 0x151320: A_FireSkullRodPL1 (p_pspr.c:1420)
by 0x14FD11: P_SetPsprite (p_pspr.c:342)
by 0x1500E2: P_FireWeapon (p_pspr.c:549)
by 0x1500E2: P_FireWeapon (p_pspr.c:535)
by 0x14FD11: P_SetPsprite (p_pspr.c:342)
by 0x151C4D: P_MovePsprites (p_pspr.c:1900)
by 0x15AA99: P_PlayerThink (p_user.c:646)
by 0x1598A7: P_Ticker (p_tick.c:153)
by 0x14101C: G_Ticker (g_game.c:1165)
Address 0x0 is not stack'd, malloc'd or (recently) free'd
chocolate-doom/src/heretic/p_map.c
Line 1202 in 3ce5035
(gdb) insp *li
$2 = {v1 = 0x7ffff5520130, v2 = 0x7ffff5520140, dx = 0, dy = -4980736, flags = 260, special = 1, tag = 0, sidenum = {155, -1}, bbox = {65011712, 60030976, 14155776, 14155776}, slopetype = ST_VERTICAL, frontsector = 0x7ffff5521a00,
backsector = 0x0, validcount = 8505, specialdata = 0x0}
backsector is NULL. Is this linedef valid?
from chocolate-doom.
I did a little experiment. With modern Open Watcom and the DOS4G extender, a NULL pointer dereference actually works. Assuming it's mostly similar to the original Watcom, the code would have worked in DOS and just read some random bytes.
The proper fix then will be to check the pointer against NULL and do something non-crashy when it is.
from chocolate-doom.
This and this additions will fix the issue. Seems to be demo-safe, at least I have no desyncs in the longest full-episode runs from the DSDA demo archive.
Edit: yes, it should be safe, DSDA-Doom has a similar fix.
from chocolate-doom.
> This and this additions will fix the issue. Seems to be demo-safe, at least I have no desyncs in the longest full-episode runs from the DSDA demo archive.
> Edit: yes, it should be safe, DSDA-Doom has a similar fix.
Could we have a PR, please?
from chocolate-doom.
Sure, if you say so. My only thought is: these small corrections will need a comment(s), since such a check is not included in the original source release. But how should such a comment look then? I mean, it shouldn't be something like "this fixes crash on modern OSes".
from chocolate-doom.
You could just reuse the relevant part of the original commit message for the Doom code:
from chocolate-doom.
Fixed in #1670. Thanks!
from chocolate-doom.
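The kind of NULL check discussed in this thread, as an added example that is not the Chocolate Doom code or the fix merged in #1670: a load-time test for a linedef flagged two-sided with no back side, and a guarded opening calculation. The simplified `sector_t`/`line_t` layouts, the helper names, and the choice to treat such a line as solid are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define ML_TWOSIDED 0x004   /* Doom-format linedef flag: line has two sides */

/* Simplified stand-ins for the engine's types (assumption: only the
   fields from the gdb dump that matter here; heights as plain ints). */
typedef struct { int floorheight, ceilingheight; } sector_t;
typedef struct {
    short flags;
    short sidenum[2];          /* sidenum[1] == -1: no back side */
    sector_t *frontsector, *backsector;
} line_t;

/* Load-time sanity check: flagged two-sided but missing a back side. */
int line_is_inconsistent(const line_t *li)
{
    return (li->flags & ML_TWOSIDED)
        && (li->sidenum[1] == -1 || li->backsector == NULL);
}

/* Guarded traverse step (hypothetical helper). Returns 1 and fills the
   vertical opening when the line can be aimed through, 0 when the
   traverse should stop. A missing back sector is treated as a solid
   wall (assumed policy) instead of being dereferenced. */
int aim_opening(const line_t *li, int *bottom, int *top)
{
    if (!(li->flags & ML_TWOSIDED) || li->backsector == NULL)
        return 0;
    const sector_t *f = li->frontsector, *b = li->backsector;
    *bottom = f->floorheight   > b->floorheight   ? f->floorheight   : b->floorheight;
    *top    = f->ceilingheight < b->ceilingheight ? f->ceilingheight : b->ceilingheight;
    return *bottom < *top;
}

/* Constructed sample mirroring the dump: flags = 260, sidenum = {155, -1}. */
int demo_bad_line(void)
{
    sector_t front = { 0, 128 };
    line_t li = { 260, { 155, -1 }, &front, NULL };
    int lo = 0, hi = 0;
    return line_is_inconsistent(&li) * 2 + aim_opening(&li, &lo, &hi);
}

int main(void)
{
    printf("%d\n", demo_bad_line());
    return 0;
}
```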