Viewing Issue Advanced Details
| Field | Value |
|---|---|
| ID | 05507 |
| Category | Misc. |
| Severity | Critical (emulator) |
| Reproducibility | Always |
| Date Submitted | Apr 10, 2014, 21:51 |
| Last Update | Jan 24, 2015, 19:42 |
| Tester | Firewave |
| View Status | Public |
| Platform | MAME (Self-compiled) |
| Assigned To | Haze |
| Resolution | Fixed |
| OS | Linux |
| Status | Resolved |
| Driver | |
| Version | 0.153 |
| Fixed in Version | 0.158 |
| Build | 64-bit |
| Fixed in Git Commit | |
| Github Pull Request # | |
| Summary | 05507: zerogun, zerogunj, zerogunaj, zeroguna: AddressSanitizer: global-buffer-overflow |
| Description |
==1619==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000ae8a4af at pc 0x3998af3 bp 0x7fff348dd400 sp 0x7fff348dd3f8
READ of size 128 at 0x00000ae8a4af thread T0
#0 0x3998af2 in model2_state::model2_prot_w(address_space&, unsigned int, unsigned int, unsigned int) /home/notroot/trunk/src/mame/drivers/model2.c:1152
#1 0x7ef533d in delegate_base<void, address_space&, unsigned int, unsigned int, unsigned int, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam>::operator()(address_space&, unsigned int, unsigned int, unsigned int) const /home/notroot/trunk/src/emu/delegate.h:652
#2 0x7ef533d in handler_entry_write::write32(address_space&, unsigned int, unsigned int, unsigned int) const /home/notroot/trunk/src/emu/memory.c:482
#3 0x7ef533d in address_space_specific<unsigned int, (endianness_t)0, true>::write_native(unsigned int, unsigned int, unsigned int) /home/notroot/trunk/src/emu/memory.c:1183
#4 0x6036c9f in i960_cpu_device::execute_run() /home/notroot/trunk/src/emu/cpu/i960/i960.c:1938
#5 0x7f70f80 in device_execute_interface::run() /home/notroot/trunk/src/emu/diexec.h:187
#6 0x7f70f80 in device_scheduler::timeslice() /home/notroot/trunk/src/emu/schedule.c:474
#7 0x7e8adf1 in running_machine::run(bool) /home/notroot/trunk/src/emu/machine.c:378
#8 0x7e821d7 in mame_execute(emu_options&, osd_interface&) /home/notroot/trunk/src/emu/mame.c:194
#9 0x7c82758 in cli_frontend::execute(int, char**) /home/notroot/trunk/src/emu/clifront.c:237
#10 0x5608f55 in main /home/notroot/trunk/src/osd/sdl/sdlmain.c:379
#11 0x7f809e5cede4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260
#12 0x101071c in _start (/home/notroot/trunk/mame64d+0x101071c)
0x00000ae8a4af is located 17 bytes to the left of global variable '.str36' from 'src/mame/drivers/model2.c' (0xae8a4c0) of size 51
'.str36' is ascii string ' TECMO LTD. DEAD OR ALIVE 1996.10.22 VER. 1.00'
0x00000ae8a4af is located 36 bytes to the right of global variable '.str35' from 'src/mame/drivers/model2.c' (0xae8a480) of size 11
'.str35' is ascii string '98-PILOT '

| Field | Value |
|---|---|
| Steps To Reproduce | |
| Additional Information | |
| Github Commit | |
| Flags | |
| Regression Version | |
| Affected Sets / Systems | zerogun, zerogunj, zerogunaj, zeroguna |

Notes

No.11394, Firewave (Senior Tester), Jan 24, 2015, 19:42

Fixed by adding proper protection emulation and keys - actually fixed by Haze, MetalliC, Andreas Naive, ...