
Fix segfault when passing a long string to v.drawString

Merged Hanicef requested to merge Hanicef/SRB2Classic:fix-buffer-overflow-hud-string into next

If a long string is passed to v.drawString, the game would segfault due to the string copy mechanism not resizing its string buffer to a large enough size. This can be reproduced with this Lua script:

hud.add(function (v, stplyr, cam)
	local s = "aaaaa"
	for i = 0,5 do
		s = s .. s
	end
	v.drawString(0, 0, s)
end)

The fix simply makes sure to keep expanding the buffer size until it's ensured that there is enough space to fit the new string.
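
The class of bug described in this merge request, as an added example that is not the project's code: a growable string buffer that enlarges once compared with one that enlarges until the string fits. The `strbuf` struct and all function names are hypothetical, and the single doubling in `grow_once` is an assumed form of the original behaviour.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable string buffer; not the game's actual structure. */
struct strbuf {
    char  *data;
    size_t len;  /* bytes used, excluding the terminating NUL */
    size_t cap;  /* bytes allocated */
};

/* Assumed buggy policy: grow one step, even if `need` still does not fit. */
size_t grow_once(size_t cap, size_t need)
{
    if (cap < need)
        cap = cap ? cap * 2 : 16;
    return cap;
}

/* Fixed policy: keep doubling until `need` fits; 0 if size_t would overflow. */
size_t grow_until_fits(size_t cap, size_t need)
{
    if (cap == 0)
        cap = 16;
    while (cap < need) {
        if (cap > (size_t)-1 / 2)
            return 0;
        cap *= 2;
    }
    return cap;
}

/* Append src to b. Returns 0 on success, -1 on overflow or allocation failure. */
int strbuf_append(struct strbuf *b, const char *src)
{
    size_t n = strlen(src);
    if (n > (size_t)-1 - b->len - 1)
        return -1;                      /* len + n + 1 would wrap */
    size_t need = b->len + n + 1;
    if (need > b->cap) {
        size_t cap = grow_until_fits(b->cap, need);
        char *p = cap ? realloc(b->data, cap) : NULL;
        if (!p)
            return -1;                  /* buffer left untouched */
        b->data = p;
        b->cap = cap;
    }
    memcpy(b->data + b->len, src, n + 1);  /* copies the NUL too */
    b->len += n;
    return 0;
}
```

With the 320-character string the Lua reproducer builds, `grow_once` starting from 16 bytes yields 32 bytes, so the following copy would write past the allocation, while `grow_until_fits` yields 512.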
