qf/quakeforge
0
0
Fork 0
mirror of https://git.code.sf.net/p/quake/quakeforge synced 2024-11-22 20:41:20 +00:00
Code Issues Projects Releases Packages Wiki Activity

[gamecode] Use an explicit size for the null page

Browse source 
It's currently only 4 (or even 3 for v6) words, but this fixes false
positives when checking for null pointers in Ruamoko progs due to
pr_return pointing to the return buffer and thus outside the progs
memory map resulting in an impossible to exceed value.
This commit is contained in:
Bill Currie 2022-02-01 16:43:29 +09:00
parent c84fb3e6d3
commit 6514e09e7c
3 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
include/QF/progs.h
View file

@ -1942,7 +1942,8 @@ struct progs_s {
pr_def_t *pr_fielddefs;
dstatement_t *pr_statements;
pr_type_t *pr_globals;
unsigned globals_size;
pr_uint_t globals_size;
pr_uint_t null_size; ///< size of block considered null page
pr_uivec4_t pr_bases; ///< base registers (index in opcode)
///@}

2
libs/gamecode/pr_exec.c
View file

@ -351,7 +351,7 @@ PR_LeaveFunction (progs_t *pr, int to_engine)
VISIBLE void
PR_BoundsCheckSize (progs_t *pr, pr_ptr_t addr, unsigned size)
{
if (addr < (pr_ptr_t) (pr->pr_return - pr->pr_globals))
if (addr < pr->null_size)
PR_RunError (pr, "null pointer access");
if (addr >= pr->globals_size
|| size > (unsigned) (pr->globals_size - addr))

1
libs/gamecode/pr_resolve.c
View file

@ -142,6 +142,7 @@ PR_ResolveGlobals (progs_t *pr)
goto error;
pr->pr_param_alignment = G_INT (pr, def->ofs);
}
pr->null_size = pr->pr_return - pr->pr_globals;
memcpy (pr->pr_real_params, pr->pr_params, sizeof (pr->pr_params));
if (!pr->globals.ftime) {//FIXME double time
if ((def = PR_FindGlobal (pr, "time")))