From d3d00345c542c8d7cc74e2e8a577bdf76f79c701 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20K=C3=B6ppe?=
Date: Mon, 22 Jan 2018 16:03:19 +0000
Subject: [PATCH] [q3map2/{vis,visflow}.c] Reinstate offsetof-based size computation.
The logic isn't entirely legitimate, since fixedWinding_t is a fixed-size type that is *sometimes* treated as a variable-sized type, but it would require deeper refactoring to make this strictly conforming. As it is, we just keep the offset computation as a reasonable way to calculate the allocation size. Fixes #583.
---
 tools/quake3/q3map2/vis.c | 2 +-
 tools/quake3/q3map2/visflow.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/quake3/q3map2/vis.c b/tools/quake3/q3map2/vis.c
index be1e8138..64107c71 100644
--- a/tools/quake3/q3map2/vis.c
+++ b/tools/quake3/q3map2/vis.c
@@ -65,7 +65,7 @@ fixedWinding_t *NewFixedWinding( int points ){
 Error( "NewWinding: %i points", points );
 }
- size = sizeof( *w ) + sizeof( *w->points ) * points;
+ size = offsetof( fixedWinding_t, points ) + sizeof( *w->points ) * points;
 w = safe_malloc( size );
 memset( w, 0, size );
diff --git a/tools/quake3/q3map2/visflow.c b/tools/quake3/q3map2/visflow.c
index ff390b50..2664682c 100644
--- a/tools/quake3/q3map2/visflow.c
+++ b/tools/quake3/q3map2/visflow.c
@@ -1423,7 +1423,7 @@ void CreatePassages( int portalnum ){
 /* ydnar: prefer correctness to stack overflow */
 //% memcpy( &in, p->winding, (int)((fixedWinding_t *)0)->points[p->winding->numpoints] );
 if ( p->winding->numpoints <= MAX_POINTS_ON_FIXED_WINDING ) {
- memcpy( &in, p->winding, sizeof( *p->winding ) + sizeof( *p->winding->points ) * p->winding->numpoints );
+ memcpy( &in, p->winding, offsetof( fixedWinding_t, points ) + sizeof( *p->winding->points ) * p->winding->numpoints );
 }
 else{
 memcpy( &in, p->winding, sizeof( fixedWinding_t ) );
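Review bot: The new size expression on the `+` line of the vis.c hunk multiplies `sizeof( *w->points )` by the `int` parameter `points`, so a negative `points` converts to `size_t` and produces a huge allocation request; the condition guarding the `Error( "NewWinding: %i points", points )` call sits above the hunk, and it is not visible whether it rejects negative values. Suggest making that guard enforce both bounds before the arithmetic, `if ( points < 0 || points > MAX_POINTS_ON_FIXED_WINDING )`. The same signed multiplication appears on the `+` line of the visflow.c hunk, where `p->winding->numpoints` is compared only against the upper bound, so the same check belongs there. Also, `offsetof` requires `<stddef.h>`, which the hunk does not show, and if `size` is declared `int` (its declaration is outside the hunk) the `size_t` result narrows on assignment — `size_t size` would avoid that. NewFixedWinding starts and ends outside the hunk.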
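Review bot: The `//% memcpy( &in, p->winding, (int)((fixedWinding_t *)0)->points[p->winding->numpoints] );` context line in the visflow.c hunk is the null-pointer-cast spelling of exactly the `offsetof( fixedWinding_t, points ) + ...` expression the `+` line now uses, so it should be deleted rather than left as commented-out code. The copy fills only the `numpoints` prefix of `in`; if `in` is a local `fixedWinding_t` (the `sizeof( fixedWinding_t )` copy in the `else` branch suggests so), the bytes past that prefix keep whatever was on the stack — worth a one-line comment such as `/* only numpoints entries of in.points are valid after this copy */` so later readers of `in` do not assume it is fully initialised. CreatePassages continues outside the hunk on both sides, so I cannot confirm how `in` is consumed.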