Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sound sample NULL pointer dereferences #284

Closed
zear opened this issue Feb 10, 2023 · 1 comment
Closed

Sound sample NULL pointer dereferences #284

zear opened this issue Feb 10, 2023 · 1 comment

Comments

@zear
Copy link
Collaborator

zear commented Feb 10, 2023

It is possible to trigger a NULL pointer dereference by muting sound while in main menu, which prevents sound samples from loading with the rest of game data. When the sound is then unmuted during gameplay, an attempt to play affected sound effects will crash the game. This is most prominent for pratcam sounds.

This issue also occurs in OG and can be triggered in the Windows builds. It most likely has been carried over from the DOS codebase, but hasn't been discovered during original playtesting, since DOS doesn't have the same concept of memory protection as multi-tasking OSes.

Steps to reproduce:

  1. Launch the game.
  2. While in main menu, press s in order to mute sound.
  3. Load a track all the way through into gameplay.
  4. While in-game, press s again to unmute sounds.
  5. Trigger a pratcam sound effect (e.g. by running over peds).
zear added a commit to zear/dethrace that referenced this issue Feb 10, 2023
@zear
Fix NULL pointer dereference in S3StartSound (dethrace-labs#284)
c27e1d2 
If the sound has been muted (!gS3_enabled) during game data loading, it
is then possible to unmute it during gameplay and request a sound effect
which doesn't have a sample loaded (most prominent for pratcam sfx).
While the code accommodates for such a case, it does it too late,
triggering a NULL pointer dereference on platforms which feature memory
protection. This bug is most likely an overlook from the DOS era.

Fix this by moving the sample NULL pointer check before its first use.

Signed-off-by: Artur Rojek <contact@artur-rojek.eu>
@zear
Copy link
Collaborator Author

zear commented Feb 10, 2023

Fixed in #285.

zear added a commit to zear/dethrace that referenced this issue Feb 12, 2023
@zear
Fix NULL pointer dereference in S3StartSound (dethrace-labs#284)
b7ff021 
If the sound has been muted (!gS3_enabled) during game data loading, it
is then possible to unmute it during gameplay and request a sound effect
which doesn't have a sample loaded (most prominent for pratcam sfx).
While the code accommodates for such a case, it does it too late,
triggering a NULL pointer dereference on platforms which feature memory
protection. This bug is most likely an overlook from the DOS era.

Fix this by moving the sample NULL pointer check before its first use.

Signed-off-by: Artur Rojek <contact@artur-rojek.eu>
zear added a commit to zear/dethrace that referenced this issue Feb 19, 2023
@zear
Fix NULL pointer dereference in S3CalculateRandomizedFields (dethrace…
b104036 
…-labs#284)

If the sound has been muted (!gS3_enabled) during game data loading, it
is then possible to unmute it during gameplay and request a sound effect
which doesn't have a sample loaded (most prominent for pratcam sfx).
While logic in `S3StartSound` accommodates for such a case by loading
the missing sample, it first calls `S3CalculateRandomizedFields`, which
triggers a NULL pointer dereference on platforms with memory protection.
This bug is most likely an overlook from the DOS era.

Fix this by checking for NULL pointer before use.

Signed-off-by: Artur Rojek <contact@artur-rojek.eu>
zear added a commit to zear/dethrace that referenced this issue Feb 19, 2023
@zear
Fix NULL pointer dereference in S3CalculateRandomizedFields (dethrace…
ecb6248 
…-labs#284)

If the sound has been muted (!gS3_enabled) during game data loading, it
is then possible to unmute it during gameplay and request a sound effect
which doesn't have a sample loaded (most prominent for pratcam sfx).
While logic in `S3StartSound` accommodates for such a case by loading
the missing sample, it first calls `S3CalculateRandomizedFields`, which
triggers a NULL pointer dereference on platforms with memory protection.
This bug is most likely an overlook from the DOS era.

Fix this by checking for NULL pointer before use.

Signed-off-by: Artur Rojek <contact@artur-rojek.eu>
zear added a commit to zear/dethrace that referenced this issue Feb 19, 2023
@zear
Fix NULL pointer dereference in S3CalculateRandomizedFields (dethrace…
38b5de3 
…-labs#284)

If the sound has been muted (!gS3_enabled) during game data loading, it
is then possible to unmute it during gameplay and request a sound effect
which doesn't have a sample loaded (most prominent for pratcam sfx).
While logic in `S3StartSound` accommodates for such a case by loading
the missing sample, it first calls `S3CalculateRandomizedFields`, which
triggers a NULL pointer dereference on platforms with memory protection.
This bug is most likely an overlook from the DOS era.

Fix this by checking for NULL pointer before use.

Signed-off-by: Artur Rojek <contact@artur-rojek.eu>
zear added a commit that referenced this issue Feb 22, 2023
@zear
Fix NULL pointer dereference in S3CalculateRandomizedFields (#284)
48b70bb 
If the sound has been muted (!gS3_enabled) during game data loading, it
is then possible to unmute it during gameplay and request a sound effect
which doesn't have a sample loaded (most prominent for pratcam sfx).
While logic in `S3StartSound` accommodates for such a case by loading
the missing sample, it first calls `S3CalculateRandomizedFields`, which
triggers a NULL pointer dereference on platforms with memory protection.
This bug is most likely an overlook from the DOS era.

Fix this by checking for NULL pointer before use.

Signed-off-by: Artur Rojek <contact@artur-rojek.eu>
@zear zear closed this as completed Feb 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zear