Possible problem with this piece of code is that the
snd_adjust_audio_volume(int type, float percent, int time) function can currently attempt to write outside the aav_data[3] array via an off-by-one. The debug
Assert() check is for an index into that array of less than 4, although as an array starting at zero the three elements have indices 0, 1 and 2.
The one call within the codebase to
snd_adjust_audio_volume() from
sexp_adjust_audio_volume() uses the
audio_volume_option_lookup() function to pick the 'type'. This has a comment "\t1:\tSound Type to adjust, either Master, Music, Voice or Effects\r\n" i.e. 4 elements even though the SEXP doesn't appear to offer the ability to adjust the Master volume, which may be the cause of the confusion.
audio_volume_option_lookup() can also return -1, which is an error code not checked for (on non-Debug), and would have likewise lead to an out of bounds write to the aav_data array.
Proposed fix (
Mantis 2314):
Index: code/sound/sound.cpp
===================================================================
--- code/sound/sound.cpp (revision 6523)
+++ code/sound/sound.cpp (working copy)
@@ -1396,7 +1396,7 @@
void snd_adjust_audio_volume(int type, float percent, int time)
{
- Assert( type >= 0 && type < 4 );
+ Assert( type >= 0 && type < 3 );
switch (type) {
case AAV_MUSIC:
@@ -1420,6 +1420,8 @@
else
aav_data[type].delta = percent - aav_effect_volume;
break;
+ default:
+ Int3();
}
aav_data[type].delta_time = time;