View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003097 | FSSCP | tables | public | 2014-08-18 09:07 | 2014-08-18 09:12 |
| Reporter | niffiwan | Assigned To | niffiwan | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 3.7.2 RC3 | ||||
| Target Version | 3.7.2 | ||||
| Summary | 0003097: valgrind parse error when starting WoD | ||||
| Description | ==6917== Conditional jump or move depends on uninitialised value(s) ==6917== at 0x76667C: end_string_at_first_hash_symbol(char*) (parselo.cpp:3990) ==6917== by 0x82B8C1: ship_info_lookup(char const*) (ship.cpp:11964) ==6917== by 0x808025: parse_ship(char const*, bool) (ship.cpp:1051) ==6917== by 0x812868: parse_shiptbl(char const*) (ship.cpp:4157) ==6917== by 0x813071: ship_init() (ship.cpp:4329) ==6917== by 0x40FDFE: game_init() (freespace.cpp:2013) ==6917== by 0x4197A6: game_main(char*) (freespace.cpp:7086) ==6917== by 0x419AB0: main (freespace.cpp:7277) | ||||
| Steps To Reproduce | Use valgrind to run FSO with Wings of Dawn as the selected mod. Note the error being logged prior to the intro cutscene playing. Here's the function reported by valgrind: bool end_string_at_first_hash_symbol(char *src) { char *p; Assert(src); p = get_pointer_to_first_hash_symbol(src); if (p) { while (*(p-1) == ' ') p--; *p = '\0'; return true; } return false; } | ||||
| Additional Information | The source is this ship table entry: $Name: #NavMarker $Short name: BEEP $Species: LSF +Tech Description: XSTR("VIRTUAL NAVIGATIONAL MARKER", -1) $end_multi_text $POF file: navmarker.pof (etc) The 1st char is a # so the function attempts to read beyond the start of the string. Of course the chances of this randomly being a space and thus triggering a write of invalid memory are very low. | ||||
| Tags | No tags attached. | ||||
|
|
mantis3097-svn.patch (355 bytes)
Index: code/parse/parselo.cpp
===================================================================
--- code/parse/parselo.cpp (revision 11008)
+++ code/parse/parselo.cpp (working copy)
@@ -3987,7 +3987,7 @@
p = get_pointer_to_first_hash_symbol(src);
if (p)
{
- while (*(p-1) == ' ')
+ while ((p != src) && (*(p-1) == ' '))
p--;
*p = '\0';
|
|
|
Fix committed to trunk@11009. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2014-08-18 09:07 | niffiwan | New Issue | |
| 2014-08-18 09:07 | niffiwan | Status | new => assigned |
| 2014-08-18 09:07 | niffiwan | Assigned To | => niffiwan |
| 2014-08-18 09:07 | niffiwan | Steps to Reproduce Updated | |
| 2014-08-18 09:10 | niffiwan | File Added: mantis3097-svn.patch | |
| 2014-08-18 09:12 | niffiwan | Changeset attached | => fs2open trunk r11009 |
| 2014-08-18 09:12 | niffiwan | Note Added: 0016236 | |
| 2014-08-18 09:12 | niffiwan | Status | assigned => resolved |
| 2014-08-18 09:12 | niffiwan | Resolution | open => fixed |
