From 63ad0a67153e880d72897221354245920a25514c Mon Sep 17 00:00:00 2001
From: Colin Snover
Date: Tue, 10 Jan 2017 19:37:13 -0600
Subject: SCI32: Fix null references in Robot decoder

Failing to reduce the size of the ScreenItem arrays causes other parts of the decoder (like RobotDecoder::getFrameSize) to try reading ScreenItems that were already destroyed and nulled out in the list. (In SSCI, the screen item count was held in a separate property instead of being part of the screen item list.)
---
 engines/sci/video/robot_decoder.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)
(limited to 'engines/sci/video')
diff --git a/engines/sci/video/robot_decoder.cpp b/engines/sci/video/robot_decoder.cpp
index 296fdf8db2..0cb4831159 100644
--- a/engines/sci/video/robot_decoder.cpp
+++ b/engines/sci/video/robot_decoder.cpp
@@ -1436,6 +1436,14 @@ void RobotDecoder::doVersion5(const bool shouldSubmitAudio) {
 _screenItemList[i] = nullptr;
 }
 }
+
+ if (screenItemCount < oldScreenItemCount) {
+ _screenItemList.resize(screenItemCount);
+ _screenItemX.resize(screenItemCount);
+ _screenItemY.resize(screenItemCount);
+ _originalScreenItemX.resize(screenItemCount);
+ _originalScreenItemY.resize(screenItemCount);
+ }
 }
 
 void RobotDecoder::createCels5(const byte *rawVideoData, const int16 numCels, const bool usePalette) {
-- cgit v1.2.3
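Review bot: The resize block added at the end of doVersion5 enforces an invariant that the code itself never states: the size of `_screenItemList` doubles as the live screen item count, so entries nulled by the loop above must not stay in the list. A comment on the new `if` would keep that visible to the next maintainer, e.g. `// The list size is the screen item count (SSCI kept it in a separate property), so drop the entries deleted above`. The five parallel arrays are shrunk by hand here, and a private helper that resizes all five together would stop a later-added array from being missed. Readers named in the commit message, such as RobotDecoder::getFrameSize, are outside this hunk and presumably still dereference list entries unchecked, so an assert on non-null entries there would surface any regression of this invariant as a clear failure rather than a null dereference. doVersion5's body starts outside the hunk.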