←back to thread

How a 20 year old bug in GTA San Andreas surfaced in Windows 11 24H2

(cookieplmonster.github.io)
1371 points yett | 2 comments | 23 Apr 25 14:00 UTC | HN request time: 0.427s | source
Show context
jandrese ◴[23 Apr 25 16:53 UTC] No.43774091[source]
> Not ignore the compilation warnings – this code most likely threw a warning in the original code that was either ignored or disabled!

What compiler error would you expect here? Maybe not checking the return value from scanf to make sure it matches the number of parameters? Otherwise this seems like a data file error that the compiler would have no clue about.

replies(3): >>43775089 #>>43777497 #>>43778191 #
burch45 ◴[23 Apr 25 18:22 UTC] No.43775089[source]
Undefined behavior to access the uninitialized memory. A sanitizer would have flagged that.
replies(2): >>43775220 #>>43775229 #
jandrese ◴[23 Apr 25 18:31 UTC] No.43775220[source]
The compiler has no way of knowing that the memory would be undefined, not unless it somehow can verify the data file. The most I think it can do is flag the program for not checking the return value of scanf, but even that is unlikely to be true since the program probably was checking for end of file which is also in the return value. It was failing to check the number of matched parameters. This is the kind of error that is easy to miss given the semantics of scanf.
replies(2): >>43775241 #>>43775941 #
1. andrewmcwatters ◴[23 Apr 25 18:32 UTC] No.43775241[source]
Uninitialized variables are a really common case.
replies(1): >>43776366 #
2. gmueckl ◴[23 Apr 25 20:34 UTC] No.43776366[source]
The pointer to the uninitialized variable is passed to scanf, which writes a value there unless it encounters an error. The compiler cannot understand this contract from the scanf declaration alone.