Opened 6 years ago
Closed 6 years ago
#11966 closed defect (fixed)
SCI: Buffer overflow when loading Korean font
| Reported by: | sluicebox | Owned by: | sluicebox |
|---|---|---|---|
| Priority: | normal | Component: | Engine: SCI |
| Version: | | Keywords: | korean |
| Cc: | | Game: | |
Description
Support for Korean fan translations was recently added. The font-loading code for 8x16 fonts writes out of bounds and corrupts memory. I'd fix this but I don't know the file format. (or Korean!)
```cpp
bool FontKoreanSVM::loadData(const char *fontFile) {
	...
	_fontData8x16Size = numChars8x16 * 16;
	_fontData8x16 = new uint8[numChars8x16 * 16];
	assert(_fontData8x16);
	for (uint i=0; i < _fontData8x16Size; i++)
		data->read(&_fontData8x16[i], 2); // buffer overflow on final iteration
```
To reproduce, display Korean text in at least SQ4CD or GK1CD.
Introduced in: https://github.com/scummvm/scummvm/commit/b7664c24dcc798e5210b215232f4cf21c1e87f23
Change History (1)
comment:1 by , 6 years ago
| Owner: | set to |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |

Fixed in: b5241be2480bd90692b18421bba6b0e94065b730
Turns out this is the code that reads the ASCII characters from the Korean font. I know a few of those!
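
The off-by-one write reported above can be observed safely by replaying the same loop shape into a buffer padded with guard bytes. The following is an added example, not ScummVM code and not the fix from the referenced commit; `MemStream`, `guardClobbered` and `loadGlyphs8x16` are hypothetical names, the sample file is constructed, and the checked loader assumes the glyph data is `numChars * 16` contiguous bytes.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical in-memory stand-in for the engine's read stream.
struct MemStream {
    const uint8_t *data; size_t size; size_t pos;
    size_t read(void *dst, size_t n) {
        if (n > size - pos) n = size - pos;   // never read past the file
        if (n) std::memcpy(dst, data + pos, n);
        pos += n;
        return n;
    }
};

// Replays the ticket's loop shape (index step 1, read length `stride`) into a
// buffer padded with guard bytes, so the stray write is observable instead of
// corrupting the heap. Sample data must not contain the guard value.
bool guardClobbered(MemStream &s, size_t bufSize, size_t stride) {
    const uint8_t kGuard = 0xA5;
    std::vector<uint8_t> buf(bufSize + stride, kGuard);
    for (size_t i = 0; i < bufSize; i++)
        s.read(&buf[i], stride);
    for (size_t i = bufSize; i < buf.size(); i++)
        if (buf[i] != kGuard) return true;   // wrote past the logical end
    return false;
}

// Bounds-checked loader. Assumption: numChars * 16 contiguous glyph bytes.
bool loadGlyphs8x16(MemStream &s, uint32_t numChars, std::vector<uint8_t> &out) {
    const uint64_t want = uint64_t(numChars) * 16;  // cannot wrap in 64 bits
    if (want > s.size - s.pos) return false;        // header claims more than the file holds
    out.resize(size_t(want));
    return s.read(out.data(), size_t(want)) == want;
}

int main() {
    uint8_t file[64];                                // constructed sample "font file"
    for (int i = 0; i < 64; i++) file[i] = uint8_t(i);
    MemStream a{file, sizeof file, 0}, b{file, sizeof file, 0}, c{file, sizeof file, 0};
    std::vector<uint8_t> glyphs;
    std::printf("stride 2 clobbers guard: %d\n", guardClobbered(a, 32, 2));
    std::printf("stride 1 clobbers guard: %d\n", guardClobbered(b, 32, 1));
    std::printf("safe load of 2 glyphs ok: %d\n", loadGlyphs8x16(c, 2, glyphs));
    return 0;
}
```

With a read length of 2 the loop also consumes twice as many bytes from the stream as the buffer holds, so a size check against the remaining file length catches the mismatch before any write happens.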