mpo/VVVVVV
1
0
Fork 0
mirror of https://github.com/TerryCavanagh/VVVVVV.git synced 2024-06-25 05:58:30 +02:00
Code Issues Releases Wiki Activity
2,839 Commits 3 Branches 10 Tags 57 MiB
ActionScript 54.7%
C++ 44.1%
C 0.6%
Java 0.4%
CMake 0.2%
2f217dad56
Go to file
Misa 2f217dad56 Fix segfault: unwordwrap string w/ 2 start \ns 
This fixes a segmentation fault caused by an out-of-bounds indexing
caused by an attempt to unwordwrap a string that starts with two
newlines.

The problem here is that in the branch of the function
string_unwordwrap() where `consecutive_newlines == 1`, the function does
not check that the string `result` isn't empty before attempting to
index `result.size()-1`. If `result` is empty, then `result.size()` is
0, and `result.size()-1` becomes -1, and indexing a string at position
-1 is always undefined behavior.

Funnily enough, a similar indexing happens just a few lines down, but
this time, there is a check to make sure that the string isn't empty
first. I'm unsure of how Dav999 forgot that check a few lines earlier.

This situation can happen in practice, with custom level localizations.
I made a level with a filename of testloc.vvvvvv and created a file at
lang/fr/levels/testloc/custom_cutscenes.xml with the following content:

    <?xml version="1.0" encoding="UTF-8"?>
    <cutscenes>
        <cutscene id="test" explanation="">
            <dialogue speaker="cyan" english="This is text..." translation="blarg"/>
        </cutscene>
    </cutscenes>

Then I switched to French, created a script named `test`, and created a
text box that started with two newlines (so in total, the text box must
be at least 3 lines in length). Running the script triggers the segfault
when the text box is created. (Well, technically, on my machine, it
triggers an assertion fail in libstdc++ and aborts, but that's basically
the same thing.)

To fix this while still preserving the exact amount of newlines, if
`result` is empty, we add a newline instead of attempting to index the
string.
2024-01-20 17:52:17 -08:00
.github Add third_party/ to CI workflow paths 2024-01-09 23:13:39 -08:00
desktop_version Fix segfault: unwordwrap string w/ 2 start \ns 2024-01-20 17:52:17 -08:00
mobile_version Update readme.MD 2024-01-02 22:27:05 +01:00
third_party Update PhysicsFS to 3.2.0 2024-01-10 08:55:59 -05:00
tools Update readme.MD 2024-01-02 22:27:05 +01:00
.gitattributes fix actionscript misclassified as angelscript 2020-01-12 15:18:45 -05:00
.gitmodules Add SheenBidi submodule 2024-01-08 19:17:44 -08:00
License exceptions.md Fixed broken table in License exceptions.md 2024-01-02 22:27:05 +01:00
LICENSE.md Update LICENSE.md 2024-01-02 22:27:05 +01:00
logo.gif Update logo.gif 2024-01-02 22:27:05 +01:00
README.md Added a link in the readme directly to the desktop_version folder 2024-01-02 22:27:05 +01:00

README.md

logo

This is the source code to VVVVVV, the 2010 indie game by Terry Cavanagh, with music by Magnus Pålsson. You can read the announcement of the source code release on Terry's blog!

The source code for the desktop version is in this folder.

VVVVVV is still commerically available at thelettervsixtim.es if you'd like to support it, but you are completely free to compile the game for your own personal use. If you're interested in distributing a compiled version of the game, see LICENSE.md for more information.

Discussion about VVVVVV updates mainly happens on the "unofficial" VVVVVV discord, in the vvvvvv-code channel.

Credits