ShuriZma
/
Cxbx-Reloaded
mirror of https://github.com/Cxbx-Reloaded/Cxbx-Reloaded.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix in SetState polling loop 

Once the pFeedback->Header.hEvent event is set, the game is free to free
the buffer that it was pointing to. In HP1 game, the pointer
even lead to the stack. Because that stack was changing a lot,
pFeedback->Header.dwStatus eventually resolved to a non-zero
value and we started to overwrite some random memory.
This commit is contained in:
Jan Gocník 2018-05-20 21:31:01 +02:00
parent 162cd7c511
commit cfa3c3d5ac
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/CxbxKrnl/EmuD3D8.cpp
View File

@ -1782,12 +1782,15 @@ static DWORD WINAPI EmuUpdateTickCount(LPVOID)
if(pFeedback->Header.dwStatus != ERROR_SUCCESS)
{
pFeedback->Header.dwStatus = ERROR_SUCCESS;
if(pFeedback->Header.hEvent != 0)
{
SetEvent(pFeedback->Header.hEvent);
}
pFeedback->Header.dwStatus = ERROR_SUCCESS;
//Make sure we don't check the pFeedback again, as it could be freed by the game
g_pXInputSetStateStatus[v].pFeedback = 0;
}
}
}