Bug#727781: zsnes: Fatal error when loading state (DSP-1 ROM)
Etienne Millon
me at emillon.org
Sat Oct 26 18:06:52 UTC 2013
Package: zsnes
Version: 1.510+bz2-6
Severity: normal
Hi,
While loading a ROM I noticed that a fatal error due to FORTIFY_SOURCE
made zsnes abort with the following error message:
*** buffer overflow detected ***: /usr/bin/zsnes terminated
(see also #712790 for the general case)
After further investigation it seems that the following line is the
culprit (zstate.c +189):
copy_func(&buffer, &DSP1COp, 70+128);
The game does indeed use the DSP-1 coprocessor, and DSP1COp is declared as
an "extern unsigned char" in C (and "resb 1" in asm) but is used to
address the next variables.
I'm working on a patch to address this particular issue, but other
coprocessors probably use a similar system to load states.
--
Etienne Millon
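The mechanism behind the abort described in the report, shown as an added C example that is not part of the bug report or of the zsnes source: FORTIFY_SOURCE rewrites memcpy into a checked variant that compares the copy length against the size the compiler knows for the destination object, so a 198-byte copy into an object declared as a single unsigned char is refused. The names (dsp1_op, dsp1_state, checked_copy, load_dsp1_old, load_dsp1_new) and the 1-byte-plus-neighbours layout are constructed to model the situation, not zsnes's real layout; checked_copy imitates what glibc's __memcpy_chk does, except that it returns an error instead of terminating the process, so the refused case can be observed. The fixed variant makes the destination one object whose size matches the 70+128 bytes being restored.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Model of the problematic layout (constructed, not zsnes's own symbols):
 * a 1-byte object that the state loader treats as the start of a 198-byte
 * region, relying on whatever the linker placed after it. */
unsigned char dsp1_op;            /* declared as a single byte */
unsigned char dsp1_neighbours[197]; /* "the next variables" the copy runs into */

/* Hardened layout: one object whose size equals the amount being copied,
 * so the compiler's view of the destination matches the copy length. */
struct dsp1_state {
    unsigned char op;
    unsigned char regs[197];
};
struct dsp1_state dsp1;

/* Size-checked copy in the spirit of FORTIFY_SOURCE's __memcpy_chk:
 * dst_size is the size the compiler would know for the destination object.
 * Oversize copies are refused (return -1) rather than aborting the process. */
int checked_copy(void *dst, size_t dst_size, const void *src, size_t n)
{
    if (n > dst_size) {
        fprintf(stderr, "refused: %zu-byte copy into %zu-byte object\n", n, dst_size);
        return -1;
    }
    memcpy(dst, src, n);
    return 0;
}

/* Constructed sample state blob standing in for the savestate buffer. */
const unsigned char sample_state[70 + 128] = { 0x01, 0x02, 0x03 };

/* Restore through the broken layout: the destination object is 1 byte,
 * so a 70+128 byte copy is exactly what FORTIFY_SOURCE rejects. */
int load_dsp1_old(const unsigned char *buffer)
{
    return checked_copy(&dsp1_op, sizeof dsp1_op, buffer, 70 + 128);
}

/* Restore into the struct: declared size and copy length agree. */
int load_dsp1_new(const unsigned char *buffer)
{
    return checked_copy(&dsp1, sizeof dsp1, buffer, 70 + 128);
}

int main(void)
{
    printf("old layout: %s\n", load_dsp1_old(sample_state) == 0 ? "ok" : "refused");
    printf("new layout: %s\n", load_dsp1_new(sample_state) == 0 ? "ok" : "refused");
    printf("dsp1.op after load = 0x%02x\n", dsp1.op);
    return 0;
}
```

With real FORTIFY_SOURCE the size argument is supplied by the compiler via __builtin_object_size rather than by the caller, which is why the abort only appears in fortified builds and only for destinations whose declared size is visible at the call site.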