dxx-rebirth

History

derhass b73407e791 Prevent digi_mixer_start_sound() from trying to play nonexisting sounds. There is a an out-of-bounds access in digi_mixer_start_sound() when soundnum is < 0. The bounds check I added here is already present in digi_audio_start_sound(). This bug was triggered on the RPi d2x built when trying to show the briefing screen because briefing_new_screen() tries to play SOUND_BRIEFING_HUM, which digi_xlat_sound() translated to -1 in this situation. The game finally crashed in mixdigi_convert_sound() because GameSounds[-1] happened to contain some non-zero data (on my Linux desktop, that memory seems to be always 0 by accident...). This was also the reason why the pi version tried to allocate lots of memory before it crashed in memcpy().	2015-03-21 23:45:42 +01:00
..
ogl	Merge branch 'unification/master' into unification/rpi	2015-03-21 18:02:16 +01:00
sdl	Prevent digi_mixer_start_sound() from trying to play nonexisting sounds.	2015-03-21 23:45:42 +01:00

derhass b73407e791 Prevent digi_mixer_start_sound() from trying to play nonexisting sounds.

There is a an out-of-bounds access in digi_mixer_start_sound() when
soundnum is < 0. The bounds check I added here is already present in
digi_audio_start_sound().

This bug was triggered on the RPi d2x built when trying to show the
briefing screen because briefing_new_screen() tries to play
SOUND_BRIEFING_HUM, which digi_xlat_sound() translated to -1 in this
situation. The game finally crashed in mixdigi_convert_sound() because
GameSounds[-1] happened to contain some non-zero data (on my Linux desktop,
that memory seems to be always 0 by accident...). This was also the reason
why the pi version tried to allocate lots of memory before it crashed in
memcpy().

2015-03-21 23:45:42 +01:00

ogl

Merge branch 'unification/master' into unification/rpi

2015-03-21 18:02:16 +01:00

sdl

Prevent digi_mixer_start_sound() from trying to play nonexisting sounds.

2015-03-21 23:45:42 +01:00