The crash occurs here:
What happens if it->first > 3? The following, none of which is good:Code:for(std::map<int, pair<string,string> >::iterator it = globalmap.begin(); it != globalmap.end(); it++) { if(it->second.second != "") { tempfile = fopen("tmp","w"); if(!tempfile) { jwin_alert("Error","Unable to create a temporary file in current directory!",NULL,NULL,"O&K",NULL,'k',0,lfont); return D_O_K; } if(output) { al_trace("\n"); al_trace("%s",it->second.second.c_str()); al_trace("\n"); } for(vector<Opcode *>::iterator line = scripts[it->second.second].begin(); line != scripts[it->second.second].end(); line++) { string theline = (*line)->printLine(); fwrite(theline.c_str(), sizeof(char), theline.size(),tempfile); if(output) { al_trace("%s",theline.c_str()); } } fclose(tempfile); parse_script_file(&globalscripts[it->first],"tmp",false); } else if(globalscripts[it->first]) { delete[] globalscripts[it->first]; globalscripts[it->first] = new ffscript[1]; globalscripts[it->first][0].command = 0xFFFF; } }
- delete[] gets called on a random memory address that was not new[]ed'
- the results of new ffscript[1]; get written into a random memory address.
Your operating system is not required to kill your program when you write to a bad memory address; it can simply silently corrupt your data instead. If your program is not crashing, that is what's happening.
For example, since the global script variables are allocated like
it's likely that on your OS, the code is silently corrupting the linkscripts, instead of crashing.Code:ffscript *globalscripts[NUMSCRIPTGLOBAL]; ffscript *linkscripts[NUMSCRIPTLINK];
Reply With Quote