ioquake/ioq3
0
0
Fork 0
mirror of https://github.com/ioquake/ioq3.git synced 2024-11-10 07:11:46 +00:00
Code Issues Projects Releases Packages Wiki Activity

Enable check to avoid crash in DLLs; signed->unsigned cast; code formatting

Browse source
This commit is contained in:
Keegan van der Laag 2020-02-04 23:24:23 -08:00
parent e7bb7391ec
commit a4a4841cb8
3 changed files with 25 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
code/client/cl_cgame.c
View file

@ -427,27 +427,27 @@ intptr_t CL_CgameSystemCalls( intptr_t *args ) {
Cvar_SetSafe( VMA(1), VMA(2) );
return 0;
case CG_CVAR_VARIABLESTRINGBUFFER:
VM_CHECKBOUNDS(cgvm, args[2], args[3]);
VM_CHECKBOUNDS( cgvm, args[2], args[3] );
Cvar_VariableStringBuffer( VMA(1), VMA(2), args[3] );
return 0;
case CG_ARGC:
return Cmd_Argc();
case CG_ARGV:
VM_CHECKBOUNDS(cgvm, args[2], args[3]);
VM_CHECKBOUNDS( cgvm, args[2], args[3] );
Cmd_ArgvBuffer( args[1], VMA(2), args[3] );
return 0;
case CG_ARGS:
VM_CHECKBOUNDS(cgvm, args[1], args[2]);
VM_CHECKBOUNDS( cgvm, args[1], args[2] );
Cmd_ArgsBuffer( VMA(1), args[2] );
return 0;
case CG_FS_FOPENFILE:
return FS_FOpenFileByMode( VMA(1), VMA(2), args[3] );
case CG_FS_READ:
VM_CHECKBOUNDS(cgvm, args[1], args[2]);
VM_CHECKBOUNDS( cgvm, args[1], args[2] );
FS_Read( VMA(1), args[2], args[3] );
return 0;
case CG_FS_WRITE:
VM_CHECKBOUNDS(cgvm, args[1], args[2]);
VM_CHECKBOUNDS( cgvm, args[1], args[2] );
FS_Write( VMA(1), args[2], args[3] );
return 0;
case CG_FS_FCLOSEFILE:
@ -582,11 +582,11 @@ intptr_t CL_CgameSystemCalls( intptr_t *args ) {
case CG_R_LERPTAG:
return re.LerpTag( VMA(1), args[2], args[3], args[4], VMF(5), VMA(6) );
case CG_GETGLCONFIG:
VM_CHECKBOUNDS(cgvm, args[1], sizeof(glconfig_t));
VM_CHECKBOUNDS( cgvm, args[1], sizeof(glconfig_t) );
CL_GetGlconfig( VMA(1) );
return 0;
case CG_GETGAMESTATE:
VM_CHECKBOUNDS(cgvm, args[1], sizeof(gameState_t));
VM_CHECKBOUNDS( cgvm, args[1], sizeof(gameState_t) );
CL_GetGameState( VMA(1) );
return 0;
case CG_GETCURRENTSNAPSHOTNUMBER:
@ -619,15 +619,15 @@ intptr_t CL_CgameSystemCalls( intptr_t *args ) {
case CG_MEMSET:
VM_CHECKBOUNDS(cgvm, args[1], args[3]);
VM_CHECKBOUNDS( cgvm, args[1], args[3] );
Com_Memset( VMA(1), args[2], args[3] );
return 0;
case CG_MEMCPY:
VM_CHECKBOUNDS2(cgvm, args[1], args[2], args[3]);
VM_CHECKBOUNDS2( cgvm, args[1], args[2], args[3] );
Com_Memcpy( VMA(1), VMA(2), args[3] );
return 0;
case CG_STRNCPY:
VM_CHECKBOUNDS2(cgvm, args[1], args[2], args[3]);
VM_CHECKBOUNDS2( cgvm, args[1], args[2], args[3] );
strncpy( VMA(1), VMA(2), args[3] );
return args[1];
case CG_SIN:
@ -699,7 +699,7 @@ intptr_t CL_CgameSystemCalls( intptr_t *args ) {
return getCameraInfo(args[1], VMA(2), VMA(3));
*/
case CG_GET_ENTITY_TOKEN:
VM_CHECKBOUNDS(cgvm, args[1], args[2]);
VM_CHECKBOUNDS( cgvm, args[1], args[2] );
return re.GetEntityToken( VMA(1), args[2] );
case CG_R_INPVS:
return re.inPVS( VMA(1), VMA(2) );

8
code/qcommon/qcommon.h
View file

@ -375,14 +375,14 @@ void VM_Debug( int level );
macros which cause them to be omitted, and is definitely unsafe, though
more performant. */
#ifndef _IOQ3_INSECURE_QVM
void VM_CheckBounds(const vm_t* vm, unsigned int address, unsigned int length);
void VM_CheckBounds2(const vm_t* vm, unsigned int addr1, unsigned int addr2, unsigned int length);
void VM_CheckBounds( const vm_t* vm, unsigned int address, unsigned int length );
void VM_CheckBounds2( const vm_t* vm, unsigned int addr1, unsigned int addr2, unsigned int length );
#define VM_CHECKBOUNDS VM_CheckBounds
#define VM_CHECKBOUNDS2 VM_CheckBounds2
#else
#define VM_CHECKBOUNDS(a,b)
#define VM_CHECKBOUNDS2(a,b,c)
#define VM_CHECKBOUNDS( a, b )
#define VM_CHECKBOUNDS2( a, b, c )
#endif
void *VM_ArgPtr( intptr_t intValue );
void *VM_ExplicitArgPtr( vm_t *vm, intptr_t intValue );

14
code/qcommon/vm.c
View file

@ -71,9 +71,12 @@ VM_CheckBounds
*/
void VM_CheckBounds(const vm_t* vm, unsigned int address, unsigned int length)
{
if ((address | length) > vm->dataMask || (address + length) > vm->dataAlloc)
if (!vm->entryPoint)
{
Com_Error(ERR_DROP, "program tried to bypass data segment bounds");
if ((address | length) > (unsigned)vm->dataMask || (address + length) > vm->dataAlloc)
{
Com_Error(ERR_DROP, "program tried to bypass data segment bounds");
}
}
}
@ -85,9 +88,12 @@ VM_CheckBounds2
*/
void VM_CheckBounds2(const vm_t* vm, unsigned int addr1, unsigned int addr2, unsigned int length)
{
if ((addr1 | addr2 | length) > vm->dataMask || (addr1 + length) > vm->dataAlloc || (addr2 + length) > vm->dataAlloc)
if (!vm->entryPoint)
{
Com_Error(ERR_DROP, "program tried to bypass data segment bounds");
if ((addr1 | addr2 | length) > (unsigned)vm->dataMask || (addr1 + length) > vm->dataAlloc || (addr2 + length) > vm->dataAlloc)
{
Com_Error(ERR_DROP, "program tried to bypass data segment bounds");
}
}
}