Fix heap-use-after-free in CVideo::Stop

The `delete ms_pCurrentVideo` deletes the current video instance (`this`) so the subsequent write to `m_Stopped` was invalid. Closes #8899.
2024-11-18 05:58:19 +00:00 · 2024-09-07 16:57:27 +02:00 · 2024-09-07 16:57:27 +02:00 · 9e0ba8a91f
parent fc058fa432
commit 9e0ba8a91f
1 changed files with 1 additions and 2 deletions
--- a/src/engine/client/video.cpp
+++ b/src/engine/client/video.cpp
@ -283,6 +283,7 @@ void CVideo::Pause(bool Pause)
 void CVideo::Stop()
 {
 	dbg_assert(!m_Stopped, "Already stopped");
+	m_Stopped = true;

 	m_pGraphics->WaitForIdle();

@ -341,8 +342,6 @@ void CVideo::Stop()
 	pSound->PauseAudioDevice();
 	delete ms_pCurrentVideo;
 	pSound->UnpauseAudioDevice();
-
-	m_Stopped = true;
 }

 void CVideo::NextVideoFrameThread()