Long map tree debug dumps result in a buffer overflow #891

Closed
Ghabry opened this Issue May 9, 2016 · 0 comments

Ghabry commented May 9, 2016

Marking this for 0.4.2 because buffer overflows allow code execution.

Name of the game: Dragonball Z: Legend of Z

Describe the issue in detail and how to reproduce it:
Tree: Goku's house enteance(N) < Dbz world map < ------------------------ < Dbz world map < Kami's lookout 24 < Cell Arena < Kami's lookout 23 < Kami's lookout 22 < Brief House fl13 < Brief House fl12 < Dr. Brief office(MR) 3 < Island east 8 < Island east 7 < Island east 6 < Island east 5 < Island east 4 < Island east 3 < Kami's lookout 22 < Island east 2 < Island east < HBTC 7 < inside HBTC 3 < HBTC 6 < HBTC 5 < Kami's lookout 21 < HBTC 4 < inside HBTC 2 < HBTC 3 < Kami lookout HBTC door 4 < Kami lookout HBTC door 3 < Island west 7 < Island west 6 < Island west 5 < Kami lookout HBTC door 2 < Kame house island 20 < Island west 4 < Island west 3 < Island west 2 < HBTC 2 < inside HBTC < HBTC < Island west < Kame house island 19 < Kame house 13 < Kami lookout HBTC door < Kami's lookout 20 < Rocky Cliff main < Rocky cliff trail < Kame house 12 < Nikki city road < Dr.Gero Lab entrance 5 < Cell Lab < Dr.Gero Lab entrance 4 < Dr.Gero Lab entrance 3 < Gero trail < Woods easst 3 < Centium city 6 < Centium city 5 < Centium city 4 < Centium city 3 < Centium city 2 < Centium city < Kami's lookout 19 < Grasslands main 2 < Grasslands main < Grasslands trl p2 < Grasslands trl p1 < Grassland dead end < Grassland entrance < Kame house 11 < Kame house island 18 < Kame house 10 < North mountains < Kame house 9 < Kame house island 17 < Kami's lookout 18 < Kami lookout sky trl < Sky < West City(part 3)7 < Rocky Road 9 < Rocky Road 8 < Rocky Road 7 < Rocky Road 6 < Rocky Road 5 < Rocky Road 4 < Rocky Road 3 < Rocky Road 2 < Rocky Road < Goku mind < Goku's House 12 < Skyyyy < Dr.Gero Lab entrance 2 < Gero lab 2 < Dr.Gero Entrance part 2 < Gero lab < Dr.Gero Lab entrance < Woods easst 2 < Woods easst < Woods 2 < Woods run < Woods < Sky mountains < Sky 2 < sKY < Canyon part 2 6 < Canyon part 2 5 < Canyon part 2 4 < Mountain plains 7 < Skyy < Indigo city west 5 < Canyon part 2 3 < Canyon part 2 2 < Canyon part 2 < Canyon < Goku's House 11 < Mountain plains 6 < Mountain plains 5 < Mountain 
plains 4 < Mountain plains 3 < Mountain plains 2 < Mountain plains trail < Mountain plains < Indigo hillside 4 < Indigo city west 4 < Indigo city west 3 < Indigo city west 2 < Indigo city west < Indigo hillside 3 < Indigo hillside 2 < Indigo hillside < Indigo hillside trl 2 < Indigo hillside trail 2 < Indigo hillside trail < West City(part 3)6 < Goku's House 10 < Hillside 3 < Hillside 2 < Hillside < Race track 3 < Race track 2 < Lisense place < Race track < Goku's House 9 < Goku's House Entrance 8 < Planet krypton 3 < King Vegeta ship < Planet krypton 2 < Gravitational Chamber 9 < Planet krypton < West City(part 3)5 < Bulma room fl2 4 < Vegeta's mind < Bulma room fl2 3 < Snow mountains 2 < Snow mountains < Snow mountains trl < Snow Valley pt13 < Snow City 2 < Snow Valley pt12 < Snow City < Snow Valley pt1 < Snow Valley pt2 < Snow Valley cliff 2 < Snow Valley cliff < Bulma house D 2 < Bulma house D < Destroyed islands 2 < Destroyed islands < Destroyed W. City(pt 1)3 < Destroyed W.City (pt 2) < Space < Yamcha hideout < sKY < East City Pub/Inn < Destroyed W. City(pt 1)2 < Destroyed W. City(pt 1) < Destroyed W.City (pt 2) < Rural Area nn 5 < Rural Area nn 4 < Rural Area nn 3 < Rural Area nn 2 < Rural Area nn < Rural Area north 6 < Rural Area north 5 < Rural Area north 4 < Rural Area north trl < Rural Area(E) 5 < Rural Area(E) 4 < Rural Area north 3 < Rural Area north 2 < Rural Area north < Rural Area(E) 3 < King Cold Ship < Rural Area(E) 2 < Rural Area(E) < Rural area(E) pt 2 < Rural area(E) trail 2 < Rural area(E) trail < NC Armour shop 2 < NC Item shop 2 < North city house 5 < North city house 4 < North city house 3 < North city house 2 < North city house 1 < North city trail 2 < North city pt2 < North city 2 < Goku's House 8 < Goku's House 7 < Bulma room fl2 3 < West City(part 3)5 < G. Chamber lower flr 6 < Gravitational Chamber 8 < G. Chamber lower flr 5 < Gravitational Chamber 7 < G. 
Chamber lower flr 4 < Gravitational Chamber 6 < West City(part 3)4 < Bulma room fl2 2 < West City(part 3)3 < Bulma room fl2 < Brief House fl2 < Brief parent room fl2 < Brief¹„�%¸l�é¸Ü�Œ¥

@Ghabry Ghabry added the Crash label May 9, 2016

@Ghabry Ghabry added this to the 0.4.2 milestone May 9, 2016

Ghabry added a commit to Ghabry/easyrpg-player that referenced this issue May 9, 2016

Correctly handle vsnprintf return value and don't rely on assert for …
…terminating when vsprintf overflows the buffer. Fixes #891

Ghabry added a commit to Ghabry/easyrpg-player that referenced this issue May 14, 2016

Correctly handle vsnprintf return value and don't rely on assert for …
…terminating when vsprintf overflows the buffer. Fixes #891

@fdelapena fdelapena closed this in 74add81 May 29, 2016
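
The fix the commit messages describe (act on the `vsnprintf` return value rather than asserting after the write), sketched as an added example. This is not the EasyRPG Player code: `format_message`, `build_long_tree` and the 64-byte buffer are assumptions chosen for illustration, and the map names are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not EasyRPG's code. Returns a malloc'd string the
 * caller frees, or NULL on error. An assert on the length is no defence:
 * it vanishes under NDEBUG, and after vsprintf the overflow has happened. */
char *format_message(const char *fmt, ...) {
    char small[64];                 /* fixed buffer, like a debug-log scratch area */
    va_list args, again;
    va_start(args, fmt);
    va_copy(again, args);           /* a va_list cannot be reused after one pass */
    int needed = vsnprintf(small, sizeof small, fmt, args);
    va_end(args);

    char *out = needed < 0 ? NULL : malloc((size_t)needed + 1);
    if (out != NULL) {
        if ((size_t)needed < sizeof small)
            memcpy(out, small, (size_t)needed + 1);      /* it fit, copy with NUL */
        else                                             /* truncated: redo at full size */
            vsnprintf(out, (size_t)needed + 1, fmt, again);
    }
    va_end(again);
    return out;
}

/* Constructed input: a "Map 0 < Map 1 < ..." chain shaped like the dump above. */
char *build_long_tree(int nodes) {
    size_t cap = (size_t)nodes * 16 + 1, len = 0;
    char *s = malloc(cap);
    if (s == NULL) return NULL;
    s[0] = '\0';
    for (int i = 0; i < nodes; i++) {
        int n = snprintf(s + len, cap - len, "%sMap %d", i ? " < " : "", i);
        if (n < 0 || (size_t)n >= cap - len) break;      /* same rule: check the return */
        len += (size_t)n;
    }
    return s;
}

int main(void) {
    char *tree = build_long_tree(300);
    char *msg = tree ? format_message("Tree: %s", tree) : NULL;
    if (msg == NULL) return 1;
    printf("%zu bytes formatted, buffer was 64\n", strlen(msg));
    free(msg);
    free(tree);
    return 0;
}
```

`vsnprintf` returns the length the full output would have had, so a value greater than or equal to the buffer size means truncation and a negative value means an error; both cases need a runtime branch, not an assertion.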
