[Wesnoth-bugs] [bug #22745] choose_track function crashes the game in certain cases

Fri, 03 Oct 2014 15:28:42 -0700 

URL:
  <http://gna.org/bugs/?22745>

                 Summary: choose_track function crashes the game in certain
cases
                 Project: Battle for Wesnoth
            Submitted by: lovcapone
            Submitted on: ven. 03 oct. 2014 22:28:12 UTC
                Category: Bug
                Severity: 3 - Normal
                Priority: 5 - Normal
              Item Group: Sound and music
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 1.13.0-dev
        Operating System: Win7 x64

    _______________________________________________________

Details:

I found this bug while working on another bug. It's pretty hard to reproduce
since there is randomness related to it.

In certain cases, there is a "index out of range" error at line 232 of
sound.cpp (in choose_track function). Here the code faulty:

---

if (current_track_index == current_track_list.size()) {
     current_track_index = 0;
     }

if (current_track_list[current_track_index].shuffle()) {

---

So when I got the crash I saw that obviously "current_track_index" in certain
cases would be > than "current_track_list.size()". To quickly reproduce the
bug here's how:

First modify the code so that "current_track_index" is always set to the
maximum allowed value by replacing line 237:

track = rand()%current_track_list.size();

to this:

track = current_track_list.size() - 1;

Then you have to load a game but to crash the game you have to finish the
scenario so load a game near the end (but before linger mode). You can load
the attached game (SotBE-End_of_Peace-Auto-Save22.gz).

So when you load the game, choose_track is called and "current_track_index"
will be set to "track" value. When you finish the scenario, the next time
choose_track will be called, "current_track_index" will be > than
"current_track_list.size()" and then it will throw an index out of range error
at line 232.

The fix is simple replacing "==" to ">=" in line 228. I will make a pull
request for it.



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: ven. 03 oct. 2014 22:28:12 UTC  Name: SotBE-End_of_Peace-Auto-Save22.gz 
Size: 32 ko   By: lovcapone

<http://gna.org/bugs/download.php?file_id=22516>

    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?22745>

_______________________________________________
  Message posté via/par Gna!
  http://gna.org/


_______________________________________________
Wesnoth-bugs mailing list
[email protected]
https://mail.gna.org/listinfo/wesnoth-bugs

Reply via email to