ToME 2.3.5 - Crash on Save/Load

[Gloomshrou]

This topic has been written about several times (over the course of more than a decade), but I have yet to see any resolutions.

I am playing ToME 2.3.5 as found in the Software Manager of Linux Mint 17.2 "Rafaela." However, whenever I try to save, I crash to desktop. Anyone else have this problem and/or know how to fix it?

[Lord Estraven]

My recommendation is to install cmake, git, build-essential, and xorg-dev, and then check out v.2.3.9-ah

Code: Select all

git clone -b v2.3.9-ah https://gitlab.com/tome2/tome2.git

and compile

Code: Select all

cd tome2
cmake .
nice make

Alternatively, if you want to stick with 2.3.5, you could install gdb and try to pinpoint the issue.

Code: Select all

gdb /usr/bin/tome2
run -mx11

And then when you get a crash

Code: Select all

bt

will get you a stack trace, showing which function it crashed in.

Good luck!

P.S. I bet this is Ubuntu's buffer overflow detection.

Edit: actually let me try to reproduce this...

[Lord Estraven]

Yeah, this is Ubuntu's buffer overflow detection killing the program. You'll have to either upgrade to the tome2-ah versions, or fix the bug and recompile. Let me see if I can figure out where it's bugging out exactly.

[Lord Estraven]

So, this is a bad strcpy call in do_subrace() in loadsave.c, line 240. I'm guessing the target buffer is too small, thus the buffer overflow detection.

[Lord Estraven]

@Gloomshrou

The issue appears to be that the buffer is one character too short. do_string() applies a terminating NUL past the end of the buffer, which is caught by buffer overflow protection and crashes the program. Changing

Code: Select all

static void do_subrace(int flag)
{
        player_race_mod *sr_ptr = &race_mod_info[SUBRACE_SAVE];
        int i;
        char buf[81];
...

to have

Code: Select all

        char buf[82];

instead, fixes the crash... at least for now.

(But frankly I'm very distrustful of that I/O code in loadsave.c, and think you should upgrade to 2.3.9-ah anyway. )