mirror of https://github.com/vcmi/vcmi.git synced 2024-11-24 08:32:34 +02:00
Open-source engine for Heroes of Might and Magic III
Sergei Trofimovich 23215e039c client/CVideoHandler.cpp: fix crash on video playback
Avoid buffer overflow caused by sws_scale():
    http://trac.ffmpeg.org/ticket/9254
Currently (ffmpeg-4.4 with SSE3 enabled) sws_scale()
has a few requirements for target data buffers on rescaling:
1. buffer has to be aligned to be usable for SIMD instructions
2. buffer has to be padded to allow small overflow by SIMD instructions
Unfortunately SDL_Surface does not provide these guarantees.
This means that an attempt to rescale directly into SDL surface causes
memory corruption. Usually it happens on campaign selection screen
where short video moves start spinning on mouse hover.

To fix [1.] we use av_malloc() for memory allocation.
To fix [2.] we add an `ffmpeg_pad` that provides plenty of space.
We have to use an intermediate buffer and then use memcpy() to land it
to SDL_Surface.

Without the change crash has the following backtrace:

```
(gdb) bt
    (c=0x47508940, src=0x1ffeffef50, srcStride=0x1ffeffef30, srcSliceY=0, srcSliceH=116, dst=0x1ffeffef70, dstStride=0x1ffeffef40) at src/libswscale/x86/yuv2rgb_template.c:119
    (c=<optimized out>, srcSlice=<optimized out>, srcStride=0x432afa20, srcSliceY=<optimized out>, srcSliceH=116, dst=<optimized out>, dstStride=0x1ffefff0a0) at src/libswscale/swscale.c:969
    (this=0x1abaa330, x=90, y=72, dst=0x1a85a4c0, forceRedraw=<optimized out>, update=<optimized out>)
    at ../vcmi-9999/client/CVideoHandler.cpp:332
    at ../vcmi-9999/client/gui/CIntObject.cpp:83
    at ../vcmi-9999/client/gui/CGuiHandler.cpp:462
```

valgrind points to corruption right in sws_scale():

```
Invalid write of size 8
   at 0x6C50BD3: ??? (in /usr/lib64/libswscale.so.5.7.100)
   by 0x6C4FAE6: yuv420_rgb32_ssse3 (yuv2rgb_template.c:119)
   by 0x6C28DF2: sws_scale (swscale.c:969)
   by 0x4566F6: CVideoPlayer::nextFrame() (CVideoHandler.cpp:293)
   by 0x4573A6: CVideoPlayer::update(int, int, SDL_Surface*, bool, bool) (CVideoHandler.cpp:332)
   by 0x25EC94: CIntObject::show(SDL_Surface*) [clone .part.0] (CIntObject.cpp:83)
   by 0x34E855: CMainMenu::update() (CMainMenu.cpp:319)
   by 0x25D589: CGuiHandler::renderFrame() (CGuiHandler.cpp:462)
   by 0x1F7450: mainLoop (CMT.cpp:1387)
   by 0x1F7450: main (CMT.cpp:513)
 Address 0x475088a8 is 0 bytes after a block of size 92,840 alloc'd
   at 0x483F7E5: malloc (vg_replace_malloc.c:380)
   by 0x52B4E23: SDL_malloc_REAL (SDL_malloc.c:5387)
   by 0x5266237: SDL_SIMDAlloc_REAL (SDL_cpuinfo.c:963)
   by 0x52EF042: SDL_CreateRGBSurfaceWithFormat_REAL (SDL_surface.c:123)
   by 0x2649AC: CSDL_Ext::newSurface(int, int, SDL_Surface*) (SDL_Extensions.cpp:42)
   by 0x457B20: CVideoPlayer::open(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool, bool, bool) (CVideoHandler.cpp:182)
   by 0x457C60: CVideoPlayer::open(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool) (CVideoHandler.cpp:84)
   by 0x35B14E: CCampaignScreen::CCampaignButton::show(SDL_Surface*) (CCampaignScreen.cpp:126)
   by 0x25EC94: CIntObject::show(SDL_Surface*) [clone .part.0] (CIntObject.cpp:83)
   by 0x34E855: CMainMenu::update() (CMainMenu.cpp:319)
   by 0x25D589: CGuiHandler::renderFrame() (CGuiHandler.cpp:462)
   by 0x1F7450: mainLoop (CMT.cpp:1387)
   by 0x1F7450: main (CMT.cpp:513)
```

Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
2021-07-31 14:35:31 +03:00
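The fix the commit message describes, an aligned and padded scratch buffer that is then copied row by row into the pitched surface, as an added stand-alone illustration that is not VCMI's code: `aligned_alloc()` stands in for `av_malloc()`, `fake_scale()` stands in for `sws_scale()` with a deliberate tail write past the last row, and `SIMD_ALIGN`, `SCRATCH_PAD` and `FAKE_OVERRUN` are assumed values.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example of the fix described above, not VCMI's code: a SIMD rescaler
 * that may write past its output gets an aligned, padded scratch buffer, copied row
 * by row into the surface. aligned_alloc() stands in for av_malloc(); values assumed. */
enum { SIMD_ALIGN = 32, SCRATCH_PAD = 64, FAKE_OVERRUN = 16 };

typedef struct {
    int w, h, bpp, pitch; /* pitch may exceed w*bpp, as with SDL_Surface */
    uint8_t *pixels;
} Surface;

/* Requirement 1 (alignment) via aligned_alloc(), requirement 2 (slack) via SCRATCH_PAD. */
static uint8_t *alloc_scratch(size_t row_bytes, int h) {
    size_t need = row_bytes * (size_t)h + SCRATCH_PAD;       /* C11 aligned_alloc() wants */
    return aligned_alloc(SIMD_ALIGN, (need + SIMD_ALIGN - 1) / SIMD_ALIGN * SIMD_ALIGN); /* a rounded size */
}

/* Stand-in for sws_scale(): fills row y with y+1 and, like the SSE path in the valgrind
 * report, writes FAKE_OVERRUN bytes past the last row. Aimed at s->pixels, that is the bug. */
static void fake_scale(uint8_t *dst, size_t row_bytes, int h) {
    for (int y = 0; y < h; y++)
        memset(dst + (size_t)y * row_bytes, (uint8_t)(y + 1), row_bytes);
    memset(dst + row_bytes * (size_t)h, 0xAA, FAKE_OVERRUN); /* lands in the padding */
}

/* Scale into scratch, then memcpy() each row at its pitch offset; returns 0 on success. */
int render_frame(Surface *s) {
    size_t row_bytes = (size_t)s->w * s->bpp;
    uint8_t *scratch = alloc_scratch(row_bytes, s->h);
    if (!scratch || (uintptr_t)scratch % SIMD_ALIGN != 0) { free(scratch); return -1; }
    fake_scale(scratch, row_bytes, s->h);
    for (int y = 0; y < s->h; y++)
        memcpy(s->pixels + (size_t)y * s->pitch, scratch + (size_t)y * row_bytes, row_bytes);
    free(scratch);
    return 0;
}

/* Constructed 5x3 RGBA surface, 4 bytes of pitch padding per row; 1 if rows landed intact and the padding stayed zero. */
int demo_run(void) {
    uint8_t px[24 * 3] = {0};
    Surface s = { 5, 3, 4, 24, px };
    if (render_frame(&s) != 0) return 0;
    for (int y = 0; y < 3; y++)
        for (int x = 0; x < 24; x++)
            if (px[y * 24 + x] != (x < 20 ? (uint8_t)(y + 1) : 0)) return 0;
    return 1;
}
```

Run under valgrind or ASan with `fake_scale()` pointed at `px` instead of the scratch buffer to see the same "0 bytes after a block" report the commit message quotes.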


VCMI Project

VCMI is a work-in-progress attempt to recreate the engine for Heroes III, giving it new and extended possibilities.

Installation guides

To use VCMI you need to own original data files.

Building from source

Platform support is continuously tested by continuous integration, and the CMake configuration is adjusted to generate clean projects for all major IDEs. The following guides will help you set up a build environment with no effort:

VCMI Project source code is licensed under GPL version 2 or later. VCMI Project assets are licensed under CC-BY-SA 4.0. Asset sources and information about contributors are available at the following link: https://github.com/vcmi/vcmi-assets

Copyright (C) 2007-2020 VCMI Team (check AUTHORS file for the contributors list)