subject:"\[Wesnoth\-bugs\] \[bug #25093\] editor\: heap buffer overflow editing side of scenario"

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

2016-09-28 Thread Charles Dang

Update of bug #25093 (project wesnoth):

  Status:  Ready For Test => Fixed  
 Open/Closed:Open => Closed 


___

Reply to this item at:

  

___
  Message sent via/by Gna!
  http://gna.org/


___
Wesnoth-bugs mailing list
Wesnoth-bugs@gna.org
https://mail.gna.org/listinfo/wesnoth-bugs

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

2016-09-24 Thread Wedge009

Update of bug #25093 (project wesnoth):

  Status:   Confirmed => Ready For Test 
 Assigned to:None => wedge009   

___

Follow-up Comment #3:

Submitted PR #800 for this.

___

Reply to this item at:

  

___
  Message sent via/by Gna!
  http://gna.org/


___
Wesnoth-bugs mailing list
Wesnoth-bugs@gna.org
https://mail.gna.org/listinfo/wesnoth-bugs

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

2016-09-24 Thread Wedge009

Follow-up Comment #2, bug #25093 (project wesnoth):

Did a bit more investigation - issue is that the editor is treating all sides
as side 0, which is incorrect (since side is supposed to be integers from 1 to
n).

___

Reply to this item at:

  

___
  Message sent via/by Gna!
  http://gna.org/


___
Wesnoth-bugs mailing list
Wesnoth-bugs@gna.org
https://mail.gna.org/listinfo/wesnoth-bugs

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

2016-09-23 Thread Wedge009

Update of bug #25093 (project wesnoth):

  Status:None => Confirmed  
 Release: git => 1.13.5+dev 
Operating System:   linux => All

___

Follow-up Comment #1:

Same issue in VS stack trace:


wesnoth.exe!editor::map_context::set_side_setup(editor::editor_team_info &
info) Line 223  C++
wesnoth.exe!editor::context_manager::edit_side_dialog(int side) Line 222
C++
wesnoth.exe!editor::editor_controller::execute_command(const
hotkey::hotkey_command & cmd, int index, bool press) Line 946   C++
wesnoth.exe!hotkey::execute_command(const hotkey::hotkey_command & command,
hotkey::command_executor * executor, int index, bool press) Line 581C++
wesnoth.exe!hotkey::command_executor::show_menu(const
std::vector,std::allocator > > & items_arg, int xloc, int yloc, bool __formal, display & gui) Line
386 C++
wesnoth.exe!editor::editor_controller::show_menu(const
std::vector,std::allocator > > & items_arg, int xloc, int yloc, bool context_menu, display & disp) Line
1085C++
wesnoth.exe!controller_base::play_slice(bool is_delay_enabled) Line 221 C++
wesnoth.exe!editor::editor_controller::main_loop() Line 176 C++
wesnoth.exe!editor::start(const config & game_conf, CVideo & video, const
std::basic_string &
filename, bool take_screenshot, const
std::basic_string &
screenshot_filename) Line 52C++
wesnoth.exe!game_launcher::start_editor(const
std::basic_string &
filename) Line 990  C++
wesnoth.exe!game_launcher::start_editor() Line 94   C++
wesnoth.exe!do_gameloop(const
std::vector,std::allocator > > & args) Line 805  C++
wesnoth.exe!SDL_main(int argc, char * * argv) Line 1042 C++
wesnoth.exe!main_utf8(int argc, char * * argv) Line 126 C
wesnoth.exe!WinMain(HINSTANCE__ * hInst, HINSTANCE__ * hPrev, char *
szCmdLine, int sw) Line 189 C


Problem is trying to reference the -1 index of the teams_ vector in
editor/map/map_context.cpp:223, since info.side is zero and 0 - 1 = -1. I
don't know why the -1 is supposed to be necessary here, especially when the
index is simply side in 1.12.

Looks like the breaking commit was
https://github.com/wesnoth/wesnoth/commit/c29ea4e2612fd919bb48ae25ebb2f01fccbc3231
by CelMin.

___

Reply to this item at:

  

___
  Message sent via/by Gna!
  http://gna.org/


___
Wesnoth-bugs mailing list
Wesnoth-bugs@gna.org
https://mail.gna.org/listinfo/wesnoth-bugs

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

2016-09-20 Thread Matthias Krüger

URL:
  

 Summary: editor: heap buffer overflow editing side of
scenario
 Project: Battle for Wesnoth
Submitted by: matthiaskrgr
Submitted on: Tue 20 Sep 2016 06:57:19 PM UTC
Category: Bug
Severity: 3 - Normal
Priority: 5 - Normal
  Item Group: Editor
  Status: None
 Privacy: Public
 Assigned to: None
Originator Email: 
 Open/Closed: Open
 Discussion Lock: Any
 Release: git
Operating System: linux

___

Details:

launch editor
new scenario
side -> add new side
side -> edit side -> "ok"  => crash





___

File Attachments:


---
Date: Tue 20 Sep 2016 06:57:19 PM UTC  Name: editor_side_buffer_overflow.log 
Size: 5kB   By: matthiaskrgr



___

Reply to this item at:

  

___
  Message sent via/by Gna!
  http://gna.org/


___
Wesnoth-bugs mailing list
Wesnoth-bugs@gna.org
https://mail.gna.org/listinfo/wesnoth-bugs

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

[Wesnoth-bugs] [bug #25093] editor: heap buffer overflow editing side of scenario

5 matches

Site Navigation

Mail list logo

Footer information