Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Attempting to create an array of size 2147483648 and up crashes the whole game, not just the script. #7641
Version of OpenTTD
Crash logs are from 20190603-master-g846fc8fe09, but this bug has probably been in the game since NoAI/NoGo has been implemented.
Steps to reproduce
In Start() of any AI or Game Script, put
Example code (main.nut):
It's difficult to safely limit Squirrel memory allocations without modifying the core Squirrel runtime. I did originally try to block allocations in #7516 if they broke the limit, but it turned out Squirrel did not handle failing allocations, and it made it impossible to recover from.
Are you testing with 32 bit or 64 bit builds? In 64 bit builds an allocations of 2**31 should technically be able to succeed, but I don't know if the allocator is happy with it still.
Regardless, I don't consider this a security issue at least, more of a "well don't do that then".
All of my builds that I've used (since 2017) have been 32-bit. This is because I have a 32-bit system.
Why does this have to do with the allocator, even though the array size being at least 2**31 should already have been invalid? Other languages and compilers throw an error with array sizes greater than 2**31. Why not OpenTTD's version of Squirrel?