Teeworlds - development

Teeworlds

discord.gg/teeworlds / development

For discussions around the development of the official Teeworlds

Between 2021-10-23 00:00:00Z and 2021-10-24 00:00:00Z

[teeworlds/teeworlds] Issue opened: #2967 Heap use after free (read) while running client in CMenus::CBrowserFilter::Switch, menus_browser.cpp:86

The client crashes (only with ASAN) when it starts using default configuration. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN:

export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer"
export CFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer"
cmake ..
make

Remove default configuration, run ...

10:24

[teeworlds/teeworlds] Issue opened: #2968 Segmentation fault (read) while loading map in CMap::Load, map.cpp:52

The client crashes when an invalid map (1.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS="-...

10:25

[teeworlds/teeworlds] Issue opened: #2969 Heap buffer overflow (read) while loading map in CMap::Load, map.cpp:77

The client crashes (only with ASAN) when an invalid map (2.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" ...

10:25

[teeworlds/teeworlds] Issue opened: #2970 Heap use after free (read) while loading map in CDataFileReader::GetItem, datafile.cpp:406

The client crashes (only with ASAN) when an invalid map (3.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" ...

10:26

[teeworlds/teeworlds] Issue opened: #2971 Heap buffer overflow (read) while loading map in CMap::Load, map.cpp:48

The client crashes when an invalid map (4.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS="-...

10:27

[teeworlds/teeworlds] Issue opened: #2972 Heap buffer overflow (read) while loading map in CMapImages::LoadMapImages, mapimages.cpp:55

The client crashes (only with ASAN) when an invalid map (5.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" ...

10:27

[teeworlds/teeworlds] Issue opened: #2973 Segmentation fault (read) while loading map in CCollision::Init, collision.cpp:26

The client crashes when an invalid map (6.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS="-...

10:28

[teeworlds/teeworlds] Issue opened: #2974 Heap buffer overflow (read) while loading map in CLayers::InitTilemapSkip, layers.cpp:83

The client crashes when an invalid map (7.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS="-...

10:29

[teeworlds/teeworlds] Issue opened: #2975 Heap buffer overflow (read) while loading map in CMapLayers::LoadEnvPoints, maplayers.cpp:164

The client crashes when an invalid map (8.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS="-...

10:29

[teeworlds/teeworlds] Issue opened: #2976 Heap buffer overflow (read) while loading map in CMapImages::LoadMapImages, mapimages.cpp:51

The client crashes (only with ASAN) when an invalid map (9.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" ...

10:30

[teeworlds/teeworlds] Issue opened: #2977 Heap buffer overflow (read) while loading map in CRenderTools::RenderQuads, render_map.cpp:237

The client crashes (only with ASAN) when an invalid map (10.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer...

10:31

[teeworlds/teeworlds] Issue opened: #2978 Heap buffer overflow (read) while loading map in CRenderTools::RenderTilemap, render_map.cpp:390

The client crashes (only with ASAN) when an invalid map (11.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer...

10:32

[teeworlds/teeworlds] Issue opened: #2979 Segmentation fault (read) while loading map in CRenderTools::RenderEvalEnvelope, render_map.cpp:148

The client crashes when an invalid map (12.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS=...

10:33

[teeworlds/teeworlds] Issue opened: #2980 Segmentation fault (read) while loading map in CGraphics_Threaded::LoadTextureRaw, graphics_threaded.cpp:375

The client crashes when an invalid map (13.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS=...

10:33

[teeworlds/teeworlds] Issue opened: #2981 Stack buffer overflow (write) while loading map in CMapLayers::LoadEnvPoints, maplayers.cpp:184

The client crashes when an invalid map (14.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS=...

10:34

[teeworlds/teeworlds] Issue opened: #2982 Segmentation fault (read) while parsing map in CMapLayers::LoadEnvPoints, maplayers.cpp:175

The client crashes when an invalid map (15.map.zip) is loaded. Such a map can be delivered to the client by a malicious server. Tested on Ubuntu 20.04 x86_64, Teeworlds version: f35da54b6f2c5f9fd4bbd4559f887ccf8f8cc526 Compilation with ASAN: ``` export CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" export CFLAGS=...

owo

Exported 18 message(s)