edg-l/ddnet
1
0
Fork 0
mirror of https://github.com/ddnet/ddnet.git synced 2024-09-20 09:34:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix CRaceDemo + CGhost out of bounds access

Browse source 
#0 0x9f70dd in CRaceDemo::OnMessage(int, void*) src/game/client/components/race_demo.cpp:134
    #1 0xab81af in CGameClient::OnMessage(int, CUnpacker*, bool) src/game/client/gameclient.cpp:823
    #2 0x50ff76 in CClient::ProcessServerPacket(CNetChunk*) src/engine/client/client.cpp:2100
    #3 0x51bf62 in CClient::PumpNetwork() src/engine/client/client.cpp:2580
    #4 0x526b56 in CClient::Update() src/engine/client/client.cpp:2856
    #5 0x5333e4 in CClient::Run() src/engine/client/client.cpp:3237
    #6 0x557fda in main src/engine/client/client.cpp:4341
    #7 0x7f55e8c75cc9 in __libc_start_main ../csu/libc-start.c:308
    #8 0x433e29 in _start (build/DDNet+0x433e29)

src/game/client/components/ghost.cpp:600:35: runtime error: index -1 out of bounds for type 'CGameClient::CClientData [64]'
    #0 0x78201a in CGhost::OnMessage(int, void*) src/game/client/components/ghost.cpp:600
    #1 0xab81af in CGameClient::OnMessage(int, CUnpacker*, bool) src/game/client/gameclient.cpp:823
    #2 0x50ff76 in CClient::ProcessServerPacket(CNetChunk*) src/engine/client/client.cpp:2100
    #3 0x51bf62 in CClient::PumpNetwork() src/engine/client/client.cpp:2580
    #4 0x526b56 in CClient::Update() src/engine/client/client.cpp:2856
    #5 0x5333e4 in CClient::Run() src/engine/client/client.cpp:3237
    #6 0x557fda in main src/engine/client/client.cpp:4341
    #7 0x7f55e8c75cc9 in __libc_start_main ../csu/libc-start.c:308
    #8 0x433e29 in _start (build/DDNet+0x433e29)
This commit is contained in:
def 2020-10-10 23:39:13 +02:00
parent 6680ec388c
commit 476a912b3f
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/game/client/components/ghost.cpp
View file

@ -597,7 +597,7 @@ void CGhost::OnMessage(int MsgType, void *pRawMsg)
{ {
char aName[MAX_NAME_LENGTH]; char aName[MAX_NAME_LENGTH];
int Time = CRaceHelper::TimeFromFinishMessage(pMsg->m_pMessage, aName, sizeof(aName)); int Time = CRaceHelper::TimeFromFinishMessage(pMsg->m_pMessage, aName, sizeof(aName));
if(Time > 0 && str_comp(aName, m_pClient->m_aClients[m_pClient->m_Snap.m_LocalClientID].m_aName) == 0) if(Time > 0 && m_pClient->m_Snap.m_LocalClientID >= 0 && str_comp(aName, m_pClient->m_aClients[m_pClient->m_Snap.m_LocalClientID].m_aName) == 0)
{ {
StopRecord(Time); StopRecord(Time);
StopRender(); StopRender();

2
src/game/client/components/race_demo.cpp
View file

@ -131,7 +131,7 @@ void CRaceDemo::OnMessage(int MsgType, void *pRawMsg)
{ {
char aName[MAX_NAME_LENGTH]; char aName[MAX_NAME_LENGTH];
int Time = CRaceHelper::TimeFromFinishMessage(pMsg->m_pMessage, aName, sizeof(aName)); int Time = CRaceHelper::TimeFromFinishMessage(pMsg->m_pMessage, aName, sizeof(aName));
if(Time > 0 && str_comp(aName, m_pClient->m_aClients[m_pClient->m_Snap.m_LocalClientID].m_aName) == 0) if(Time > 0 && m_pClient->m_Snap.m_LocalClientID >= 0 && str_comp(aName, m_pClient->m_aClients[m_pClient->m_Snap.m_LocalClientID].m_aName) == 0)
{ {
m_RaceState = RACE_FINISHED; m_RaceState = RACE_FINISHED;
m_RecordStopTick = Client()->GameTick(g_Config.m_ClDummy) + Client()->GameTickSpeed(); m_RecordStopTick = Client()->GameTick(g_Config.m_ClDummy) + Client()->GameTickSpeed();