incidentalstoat/blankart
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix realloc use-after-free, better safeguard the defaultvalue overwrite

Browse source
This commit is contained in:
yamamama 2025-12-26 17:35:26 -05:00
parent 606784ce14
commit 7331e41b57
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/deh_soc.c
View file

@ -4266,10 +4266,10 @@ void readkartresult(MYFILE *f, kartresult_t *result)
//CONS_Printf("Allocated cvar data successfully\n"); //CONS_Printf("Allocated cvar data successfully\n");
} }
else else if (result->augcvar[idx]->defaultvalue)
{ {
// Reallocate the data and set a new default value. // Reallocate the data and set a new default value.
realloc(result->augcvar[idx]->defaultvalue, strlen(va("%d", result->baserunneraug[idx]))+1); result->augcvar[idx]->defaultvalue = realloc(result->augcvar[idx]->defaultvalue, strlen(va("%d", result->baserunneraug[idx]))+1);
sprintf(result->augcvar[idx]->defaultvalue, "%d", result->baserunneraug[idx]); sprintf(result->augcvar[idx]->defaultvalue, "%d", result->baserunneraug[idx]);
CV_StealthSet(result->augcvar[idx], result->augcvar[idx]->defaultvalue); CV_StealthSet(result->augcvar[idx], result->augcvar[idx]->defaultvalue);