edg-l/ddnet
1
0
Fork 0
mirror of https://github.com/ddnet/ddnet.git synced 2024-09-19 09:12:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix heap-use-after-free in CVideo::Stop

Browse source 
The `delete ms_pCurrentVideo` deletes the current video instance (`this`) so the subsequent write to `m_Stopped` was invalid.

Closes #8899.
This commit is contained in:
Robert Müller 2024-09-07 16:57:27 +02:00
parent fc058fa432
commit 9e0ba8a91f
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/engine/client/video.cpp
View file

@ -283,6 +283,7 @@ void CVideo::Pause(bool Pause)
void CVideo::Stop() void CVideo::Stop()
{ {
dbg_assert(!m_Stopped, "Already stopped"); dbg_assert(!m_Stopped, "Already stopped");
m_Stopped = true;
m_pGraphics->WaitForIdle(); m_pGraphics->WaitForIdle();
@ -341,8 +342,6 @@ void CVideo::Stop()
pSound->PauseAudioDevice(); pSound->PauseAudioDevice();
delete ms_pCurrentVideo; delete ms_pCurrentVideo;
pSound->UnpauseAudioDevice(); pSound->UnpauseAudioDevice();
m_Stopped = true;
} }
void CVideo::NextVideoFrameThread() void CVideo::NextVideoFrameThread()