From 20fb33a668e6f14732b94092b8f069c18ca15ab1 Mon Sep 17 00:00:00 2001
From: Thierry Crozat
Date: Sun, 18 Oct 2020 23:19:13 +0100
Subject: [PATCH] SWORD1: Fix use of uninitialized variables in PSX demo music
The music tab file in the PSX demo seems to be truncated and we were seeking beyond the end of the file for some music (such as the one for the menu), and then trying to read without any checks that either the seek or read succeeded. This caused the code to then use uninitialized variables causing random issues (such as getting some noise). We now ignore the music id that are beyond the end of the broken tab file.
---
 engines/sword1/music.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/engines/sword1/music.cpp b/engines/sword1/music.cpp
index 6a0a3d1e706..428f42a4180 100644
--- a/engines/sword1/music.cpp
+++ b/engines/sword1/music.cpp
@@ -121,7 +121,12 @@ bool MusicHandle::playPSX(uint16 id, bool loop) {
 if (!tableFile.open("tunes.tab"))
 return false;
- tableFile.seek((id - 1) * 8, SEEK_SET);
+ // The PSX demo has a broken/truncated tunes.tab. So we check here that the offset is not
+ // beyond the end of the file.
+ int32 tableOffset = (id - 1) * 8;
+ if (tableOffset >= tableFile.size())
+ return false;
+ tableFile.seek(tableOffset, SEEK_SET);
 uint32 offset = tableFile.readUint32LE() * 0x800;
 uint32 size = tableFile.readUint32LE();
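Review bot: The added guard `if (tableOffset >= tableFile.size())` only rejects offsets at or past the end of tunes.tab, but the two `readUint32LE()` calls after the seek consume a full 8-byte entry. A table truncated in the middle of an entry therefore still gives a short read, and the commit message says a failed read is what left `offset` and `size` holding garbage. An `id` of 0 also makes `tableOffset` equal to -8, which passes the comparison; whether callers can pass 0 is not visible here. Checking the whole record covers both cases: `if (tableOffset < 0 || tableOffset + 8 > tableFile.size()) return false;`. The body of playPSX continues outside the hunk, so how `offset` and `size` are validated before they are used against tunes.dat cannot be judged from this patch.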