Crash when displaying savegame list

Korshun · Post by **Korshun** » Thu Apr 11, 2019 1:45 pm

We have updated The Forestale to GZDoom 3.7.2 and got a crash when displaying the savegame list. It was traced to the following code:

PNGTexture_CreateFromFile:

Code: Select all

	// Reject anything that cannot be put into a savegame picture by GZDoom itself.
	if (compression != 0 || filter != 0 || interlace > 0 || bitdepth != 8 || (colortype != 2 && colortype != 3)) return nullptr;
	else return new FPNGFileTexture (png->File, width, height, colortype);

FSavegameManager::ExtractSaveData:

Code: Select all

				PNGHandle *png = M_VerifyPNG(picreader);
				if (png != nullptr)
				{
					SavePic = PNGTexture_CreateFromFile(png, node->Filename);
					delete png;
					if (SavePic->GetDisplayWidth() == 1 && SavePic->GetDisplayHeight() == 1)

The problem is that if any of the paramaters in if (compression != 0 || filter != 0 || interlace > 0 || bitdepth != 8 || (colortype != 2 && colortype != 3)) is incorrect, PNGTexture_CreateFromFile returns a null pointer and FSavegameManager::ExtractSaveData accesses it. One of the savegames had a wrong colortype, presumably because it was saved without a screenshot. Even if it got a bad colortype for a different reason, that's no reason to crash instead of ignoring the file.

Post by **Rachael** » Thu Apr 11, 2019 2:39 pm

Even if it got a bad colortype for a different reason, that's no reason to crash instead of ignoring the file.

While philosophically we'd agree with you, we cannot support 3.7.2, and as I recall 4.0.0 had a lot of savegame fixes. So unless you upgrade, you're SOL.

Korshun · Post by **Korshun** » Thu Apr 11, 2019 2:58 pm

No problem. The customized version of GZDoom we use fixes the problem. I was just reminded to report this bug because the game is releasing.

Post by **_mental_** » Fri Apr 12, 2019 9:21 am

Fixed in 61a8f12.

ZDoom