shithub: puzzles

ref: 6ee62a43abe7d7e77226415b21d1cbf16dbda85a
parent: e2d390aae872cee4cb16d746af3b2eeb7713cbf5
author: Ben Harris <[email protected]>
date: Sun Feb 26 16:48:10 EST 2023

Correctly handle some short save files

A save file that ended in the middle of a value before the "SAVEFILE"
field had been loaded would cause a read from uninitialised memory.
While technically undefined behaviour this was practically pretty
harmless.  Fixed by handling unexpected EOF here the same as an
unexpected EOF anywhere else.

This bug could be demonstrated by loading a truncated save file like
this in a build with MemorySanitizer enabled:

SAVEFILE:41:Simo

--- a/midend.c
+++ b/midend.c
@@ -2340,7 +2340,7 @@
 
         val = snewn(len+1, char);
         if (!read(rctx, val, len)) {
-            if (started)
+            /* unexpected EOF */
             goto cleanup;
         }
         val[len] = '\0';
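
Review bot: the now-unconditional "goto cleanup" after the failed read leaves with val freshly allocated by snewn(len+1, char) and with no error message set in the visible lines, so please confirm that the cleanup label frees val and returns a sensible error when this path is reached before the SAVEFILE field has been seen. With the "if (started)" guard gone, the remaining comment could also say why EOF is fatal regardless of parse state, for example "unexpected EOF, fatal even before SAVEFILE is seen", so that the guard is not reintroduced later.
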
@@ -2747,7 +2747,7 @@
 
         val = snewn(len+1, char);
         if (!read(rctx, val, len)) {
-            if (started)
+            /* unexpected EOF */
             goto cleanup;
         }
         val[len] = '\0';
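
Review bot: this "if (!read(rctx, val, len))" block at line 2747 is line for line the same as the one at line 2340, which is why the same one-line fix had to be applied twice; consider moving the allocate, read and NUL-terminate sequence into a shared helper so that the EOF handling of the two copies cannot drift apart again. A regression test that feeds the truncated input from the commit message (SAVEFILE:41:Simo) through both code paths under MemorySanitizer would keep the uninitialised read from coming back.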