[Gtkradiant] [Bug 649] New: Scriplib causing memory corruption on C-style comment

gtkradiant@zerowing.idsoftware.com gtkradiant@zerowing.idsoftware.com
Fri, 25 Oct 2002 21:44:40 -0500


http://zerowing.idsoftware.com/bugzilla/show_bug.cgi?id=649

           Summary: Scriplib causing memory corruption on C-style comment
           Product: GtkRadiant
           Version: 1.2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: tools
        AssignedTo: ttimo@idsoftware.com
        ReportedBy: ydnar@shaderlab.com


The attached shader file, when included in shaderlist.txt, will cause Q3Map to 
eventually crash. Something in scriplib.c is HOSING malloc() and causing it to 
start reallocating the same memory multiple times. The bug manifests itself as 
a memory exception much, much later in the program's execution.

Fortunately it was the exact same crash on the exact same struct linked-list, 
just in different places in the code.

The C-style comment code /* */ parser in scriplib.c is broken. It still parses 
for tokens even when /* is reached, causing failure in shader parser. If there 
is no token immediately following the comment, the memory corruption occurs. If 
*/ appears on its own line, it isn't recognized.

I give this one this week's Really Fucking Weird Bug award.