Opened 2 hours ago
Last modified 2 hours ago
#15508 new defect
SCUMM: COMI: Invalid read in thumbnail when saving game
Reported by: | eriktorbjorn | Owned by: | |
---|---|---|---|
Priority: | high | Component: | Engine: SCUMM |
Version: | | Keywords: | |
Cc: | | Game: | Monkey Island 3 |
Description
When I save in The Curse of Monkey Island, using the original save dialog, I get the following Valgrind warning:
```
==118179== Invalid read of size 4
==118179==    at 0x2B9ABD6: Scumm::ScummEngine_v8::fetchScummVMSaveStateThumbnail(int, bool, int) (saveload.cpp:528)
==118179==    by 0x2B9A43E: Scumm::ScummEngine_v8::stampScreenShot(int, int, int, int, int, int) (saveload.cpp:373)
==118179==    by 0x2B9A279: Scumm::ScummEngine_v8::stampShotDequeue() (saveload.cpp:336)
==118179==    by 0x2BF4CA9: Scumm::ScummEngine::scummLoop(int) (scumm.cpp:2938)
==118179==    by 0x2BF3CCE: Scumm::ScummEngine::go() (scumm.cpp:2606)
==118179==    by 0x2A6C685: Scumm::ScummEngine::run() (scumm.h:585)
==118179==    by 0x2A3828B: runGame(Plugin const*, OSystem&, DetectedGame const&, void const*) (main.cpp:311)
==118179==    by 0x2A3A695: scummvm_main (main.cpp:796)
==118179==    by 0x2A35341: main (posix-main.cpp:44)
==118179==  Address 0x25a92d3e is 38,398 bytes inside a block of size 38,400 alloc'd
==118179==    at 0xA1E09F3: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==118179==    by 0x72C8260: Graphics::Surface::create(short, short, Graphics::PixelFormat const&) (surface.cpp:79)
==118179==    by 0x72DDF0E: Graphics::loadThumbnail(Common::SeekableReadStream&, Graphics::Surface*&, bool) (thumbnail.cpp:179)
==118179==    by 0x2B9AB34: Scumm::ScummEngine_v8::fetchScummVMSaveStateThumbnail(int, bool, int) (saveload.cpp:516)
==118179==    by 0x2B9A43E: Scumm::ScummEngine_v8::stampScreenShot(int, int, int, int, int, int) (saveload.cpp:373)
==118179==    by 0x2B9A279: Scumm::ScummEngine_v8::stampShotDequeue() (saveload.cpp:336)
==118179==    by 0x2BF4CA9: Scumm::ScummEngine::scummLoop(int) (scumm.cpp:2938)
==118179==    by 0x2BF3CCE: Scumm::ScummEngine::go() (scumm.cpp:2606)
==118179==    by 0x2A6C685: Scumm::ScummEngine::run() (scumm.h:585)
==118179==    by 0x2A3828B: runGame(Plugin const*, OSystem&, DetectedGame const&, void const*) (main.cpp:311)
==118179==    by 0x2A3A695: scummvm_main (main.cpp:796)
==118179==    by 0x2A35341: main (posix-main.cpp:44)
```
I think what may be happening here is that it's reading the last two bytes of the thumbnail buffer, four bytes at a time?
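The arithmetic behind the reporter's hypothesis, as an added illustration that is not ScummVM code: it assumes the 38,400-byte block is a 160x120 thumbnail at 2 bytes per pixel (the geometry is inferred from the block size only) and shows that a loop stepping one 16-bit pixel at a time while reading 32-bit words overruns the block on the last pixel, at exactly offset 38,398, alongside a bounds-checked walk that reads no wider than a pixel.

```c
#include <stdint.h>
#include <string.h>

/* Constructed example, not ScummVM code. A 160x120 thumbnail at 2 bytes per
 * pixel is 38,400 bytes, matching the block size in the Valgrind report. */
enum { THUMB_W = 160, THUMB_H = 120, THUMB_BPP = 2 };
enum { THUMB_BYTES = THUMB_W * THUMB_H * THUMB_BPP };

/* Offset of the first read that would extend past the end of the block, or
 * -1 if every read stays inside it. Pure arithmetic: no memory is touched. */
long first_overrun_offset(size_t block_size, size_t pixel_count,
                          size_t stride, size_t read_width) {
    for (size_t i = 0; i < pixel_count; i++) {
        size_t off = i * stride;
        if (off + read_width > block_size)
            return (long)off;
    }
    return -1;
}

/* Safe walk: each 16-bit pixel is read with a 2-byte memcpy, never wider than
 * the pixel itself, and summed. Returns 0 if the buffer is too small. */
int checksum_pixels16(const uint8_t *buf, size_t buf_len,
                      size_t pixel_count, uint32_t *out_sum) {
    if (buf_len < pixel_count * THUMB_BPP) return 0;
    uint32_t sum = 0;
    for (size_t i = 0; i < pixel_count; i++) {
        uint16_t px;
        memcpy(&px, buf + i * THUMB_BPP, sizeof px);
        sum += px;
    }
    *out_sum = sum;
    return 1;
}

/* Constructed thumbnail buffer (every byte 0x01) walked with the safe loop;
 * returns the checksum, or 0 if the walk was rejected. */
uint32_t demo_safe_walk(void) {
    static uint8_t thumb[THUMB_BYTES];
    uint32_t sum = 0;
    memset(thumb, 0x01, sizeof thumb);
    if (!checksum_pixels16(thumb, sizeof thumb, THUMB_W * THUMB_H, &sum))
        return 0;
    return sum;
}
```

Running `first_overrun_offset(38400, 19200, 2, 4)` reproduces the reported address (38,398 bytes into the block); with a 2-byte read width every access stays in bounds.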