Issue684

Title editor: sanitize address crash after saving map
Priority: important
Status: rejected
Assigned To:
Keywords: editor
Linked issues:
Watchers:

Submitted on 2013-09-10 12h18 by matthiaskrgr, last changed by fluzz.

Messages
Author: matthiaskrgr Date: 2013-09-10   12h18
I saved a map and after the map was saved, the editor crashed:

=================================================================
==21074== ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60a4000287d8 at pc 0x53a62d bp 0x7fff55255f30 sp 0x7fff55255f28
READ of size 8 at 0x60a4000287d8 thread T0
    #0 0x53a62c (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x53a62c)
    #1 0x4f8401 (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x4f8401)
    #2 0x504a69 (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x504a69)
    #3 0x415ca4 (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x415ca4)
    #4 0x7f6360dfebc4 (/usr/lib/libc-2.18.so+0x21bc4)
    #5 0x41644c (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x41644c)
0x60a4000287d8 is located 40 bytes to the left of 73728-byte region
[0x60a400028800,0x60a40003a800)
allocated by thread T0 here:
    #0 0x7f63628b5625 (/usr/lib/libasan.so.0.0.0+0x15625)
    #1 0x43aafa (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x43aafa)
    #2 0x467ed6 (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x467ed6)
    #3 0x469fcc (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x469fcc)
    #4 0x415bc6 (/home/matthias/vcs/git/freedroid/src/freedroidRPG+0x415bc6)
    #5 0x7f6360dfebc4 (/usr/lib/libc-2.18.so+0x21bc4)
Shadow bytes around the buggy address:
  0x0c14ffffd0a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c14ffffd0b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c14ffffd0c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c14ffffd0d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c14ffffd0e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c14ffffd0f0: fa fa fa fa fa fa fa fa fa fa fa[fa]fa fa fa fa
  0x0c14ffffd100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c14ffffd110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c14ffffd120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c14ffffd130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c14ffffd140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==21074== ABORTING



addr2line -e ./src/freedroidRPG 0x53a62c 0x4f8401 0x504a69 0x415ca4 0x41644c 0x43aafa 0x467ed6 0x469fcc
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit_widgets.c:317
/home/matthias/vcs/git/freedroid/src/widgets/widget_group.c:225
/home/matthias/vcs/git/freedroid/src/lvledit/lvledit.c:282
/home/matthias/vcs/git/freedroid/src/main.c:185
??:?
/home/matthias/vcs/git/freedroid/src/dynarray.c:37
/home/matthias/vcs/git/freedroid/src/init.c:607
/home/matthias/vcs/git/freedroid/src/init.c:1144
/home/matthias/vcs/git/freedroid/src/main.c:149

@ 4bad571cf709631d7be79205cbcc6f84c31db3e9
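The report above can be cross-checked by hand. The following C block is an added worked example, not code from the bug report or from the FreedroidRPG project: it takes the addresses ASan printed and reproduces the arithmetic behind them. It assumes the default x86_64 Linux shadow mapping (Shadow = (Mem >> 3) + 0x7fff8000), which is confirmed by the 0x0c14ffffd0f0 shadow row in the report, and it treats the 8-byte element size as a hypothetical reading of "READ of size 8"; the report does not say what dynarray.c:37 allocated. The region bounds, bad address and access size are copied from the report.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Default ASan shadow mapping on x86_64 Linux: Shadow = (Mem >> 3) + 0x7fff8000.
 * The 0x0c14ffffd0f0 row in the report only comes out with this offset, so it is
 * the mapping the reporter's build used (assumption, verified against the dump). */
#define ASAN_SHADOW_SCALE  3
#define ASAN_SHADOW_OFFSET 0x7fff8000ULL

/* Values copied from the ASan report above. */
#define BAD_ADDR     0x60a4000287d8ULL
#define REGION_START 0x60a400028800ULL
#define REGION_END   0x60a40003a800ULL   /* exclusive end, as ASan prints it */
#define ACCESS_SIZE  8ULL                /* "READ of size 8" */

/* Address of the shadow byte that covers the 8 application bytes starting at mem. */
uint64_t asan_shadow_addr(uint64_t mem)
{
    return (mem >> ASAN_SHADOW_SCALE) + ASAN_SHADOW_OFFSET;
}

/* ASan prints shadow memory in 16-byte rows; these give the row printed with "=>"
 * and the position of the byte it marks with [..]. */
uint64_t shadow_row_base(uint64_t shadow)  { return shadow & ~0xfULL; }
unsigned shadow_row_index(uint64_t shadow) { return (unsigned)(shadow & 0xf); }

/* Signed distance of an access from the start of the allocation ASan attributed it to.
 * Negative means the access lies to the LEFT of the region (a read before its start). */
int64_t offset_from_region(uint64_t addr, uint64_t region_start)
{
    return (int64_t)addr - (int64_t)region_start;
}

/* Does the whole access [addr, addr+size) lie outside [start, end)? */
int access_outside_region(uint64_t addr, uint64_t size, uint64_t start, uint64_t end)
{
    return addr + size <= start || addr >= end;
}

/* Hypothetical: if the region were an array of elem_size-byte elements, the element
 * index this offset corresponds to. Nothing in the report establishes the element type. */
int64_t element_index(int64_t offset, uint64_t elem_size)
{
    return offset / (int64_t)elem_size;
}

/* Meaning of a shadow byte, for the legend values that matter for this report. */
const char *shadow_meaning(uint8_t sb)
{
    if (sb == 0x00)               return "addressable";
    if (sb >= 0x01 && sb <= 0x07) return "partially addressable";
    if (sb == 0xfa)               return "heap left redzone";
    if (sb == 0xfb)               return "heap right redzone";
    if (sb == 0xfd)               return "freed heap region";
    return "other";
}

int main(void)
{
    uint64_t shadow = asan_shadow_addr(BAD_ADDR);
    int64_t  off    = offset_from_region(BAD_ADDR, REGION_START);

    printf("region size      : %llu bytes\n",
           (unsigned long long)(REGION_END - REGION_START));
    printf("access offset    : %lld bytes from region start\n", (long long)off);
    printf("whole access out : %d\n",
           access_outside_region(BAD_ADDR, ACCESS_SIZE, REGION_START, REGION_END));
    printf("shadow address   : 0x%llx (row 0x%llx, byte %u)\n",
           (unsigned long long)shadow, (unsigned long long)shadow_row_base(shadow),
           shadow_row_index(shadow));
    printf("shadow byte 0xfa : %s\n", shadow_meaning(0xfa));
    printf("element index    : %lld (hypothetical 8-byte elements)\n",
           (long long)element_index(off, ACCESS_SIZE));
    return 0;
}
```

Compile with `gcc -std=c11 -Wall` and run; no sanitizer is needed since it only does the bookkeeping. The numbers line up with the report: the region is 73728 bytes, the read sits 40 bytes before its start, its shadow byte is the twelfth entry of the 0x0c14ffffd0f0 row and is 0xfa, the heap left redzone. Together with the addr2line output, that says the 8-byte read at lvledit_widgets.c:317 landed in the redzone immediately before the block allocated at dynarray.c:37.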
Author: fluzz Date: 2015-01-12   14h00
Can you reproduce ?
Author: fluzz Date: 2015-03-10   18h39
Old ticket that I can not reproduce.
Closing it.
History
Date                 User           Action   Args
2015-03-10 18:39:02  fluzz          set      status: open -> rejected; messages: + msg3085
2015-01-12 14:00:03  fluzz          set      messages: + msg3036
2013-09-11 12:50:28  matthiaskrgr   link     issue685 linked
2013-09-10 12:18:42  matthiaskrgr   create