Make g_player a +1 offset pointer into 'static g_player_s[1 + MAXPLAYERS]'.
This fixes the out-of-bounds read of former g_player[] in VM_EventCommon_(). git-svn-id: https://svn.eduke32.com/eduke32@4961 1a8010ca-5511-0410-912e-c29ae57300e0
parent
c3ddf08fd1
commit
952a723229
4 changed files with 44 additions and 37 deletions
|
@ -9079,17 +9079,15 @@ static int32_t preinitcalled = 0;
|
|||
|
||||
// #define DYNALLOC_ARRAYS
|
||||
|
||||
#ifndef DYNALLOC_ARRAYS
|
||||
# if !defined DEBUG_MAIN_ARRAYS
|
||||
#ifdef DYNALLOC_ARRAYS
|
||||
void *blockptr = NULL;
|
||||
#elif !defined DEBUG_MAIN_ARRAYS
|
||||
static spriteext_t spriteext_s[MAXSPRITES+MAXUNIQHUDID];
|
||||
static spritesmooth_t spritesmooth_s[MAXSPRITES+MAXUNIQHUDID];
|
||||
static sectortype sector_s[MAXSECTORS + M32_FIXME_SECTORS];
|
||||
static walltype wall_s[MAXWALLS + M32_FIXME_WALLS];
|
||||
static spritetype sprite_s[MAXSPRITES];
|
||||
static tspritetype tsprite_s[MAXSPRITESONSCREEN];
|
||||
# endif
|
||||
#else
|
||||
void *blockptr = NULL;
|
||||
#endif
|
||||
|
||||
int32_t preinitengine(void)
|
||||
|
@ -9142,15 +9140,13 @@ int32_t preinitengine(void)
|
|||
}
|
||||
}
|
||||
|
||||
#else
|
||||
# if !defined DEBUG_MAIN_ARRAYS
|
||||
#elif !defined DEBUG_MAIN_ARRAYS
|
||||
sector = sector_s;
|
||||
wall = wall_s;
|
||||
sprite = sprite_s;
|
||||
tsprite = tsprite_s;
|
||||
spriteext = spriteext_s;
|
||||
spritesmooth = spritesmooth_s;
|
||||
# endif
|
||||
#endif
|
||||
|
||||
if ((e = Bgetenv("BUILD_NOP6")) != NULL)
|
||||
|
|
|
@ -112,11 +112,22 @@ G_EXTERN intptr_t *g_scriptPtr;
|
|||
G_EXTERN int32_t *labelcode,*labeltype;
|
||||
G_EXTERN intptr_t *script;
|
||||
G_EXTERN map_t MapInfo[(MAXVOLUMES+1)*MAXLEVELS]; // +1 volume for "intro", "briefing" and "loading" music
|
||||
|
||||
// XXX: I think this pragma pack is meaningless here.
|
||||
// MSDN (https://msdn.microsoft.com/en-us/library/2e70t5y1%28VS.80%29.aspx) says:
|
||||
// "pack takes effect at the first struct, union, or class declaration after
|
||||
// the pragma is seen; pack has no effect on definitions."
|
||||
#pragma pack(push,1)
|
||||
G_EXTERN playerdata_t g_player[MAXPLAYERS];
|
||||
#ifdef global_c_
|
||||
static playerdata_t g_player_s[1 + MAXPLAYERS];
|
||||
playerdata_t *const g_player = &g_player_s[1];
|
||||
#else
|
||||
extern playerdata_t *const g_player;
|
||||
#endif
|
||||
G_EXTERN playerspawn_t g_playerSpawnPoints[MAXPLAYERS];
|
||||
G_EXTERN input_t inputfifo[MOVEFIFOSIZ][MAXPLAYERS];
|
||||
#pragma pack(pop)
|
||||
|
||||
G_EXTERN projectile_t ProjectileData[MAXTILES];
|
||||
G_EXTERN projectile_t SpriteProjectile[MAXSPRITES];
|
||||
G_EXTERN sound_t g_sounds[MAXSOUNDS];
|
||||
|
@ -129,32 +140,32 @@ G_EXTERN int32_t g_screenCapture;
|
|||
G_EXTERN int32_t g_noEnemies;
|
||||
|
||||
#ifndef global_c_
|
||||
G_EXTERN const char *s_buildDate;
|
||||
G_EXTERN int32_t g_spriteGravity;
|
||||
G_EXTERN int16_t g_spriteDeleteQueueSize;
|
||||
G_EXTERN char EpisodeNames[MAXVOLUMES][33];
|
||||
G_EXTERN char SkillNames[MAXSKILLS][33];
|
||||
G_EXTERN char GametypeNames[MAXGAMETYPES][33];
|
||||
G_EXTERN int32_t GametypeFlags[MAXGAMETYPES];
|
||||
G_EXTERN char g_numGametypes;
|
||||
G_EXTERN char g_numVolumes;
|
||||
G_EXTERN int32_t g_timerTicsPerSecond;
|
||||
G_EXTERN int32_t g_actorRespawnTime;
|
||||
G_EXTERN int32_t g_itemRespawnTime;
|
||||
G_EXTERN int32_t g_scriptSize;
|
||||
G_EXTERN int16_t BlimpSpawnSprites[15];
|
||||
G_EXTERN int32_t g_playerFriction;
|
||||
G_EXTERN int32_t g_numFreezeBounces;
|
||||
G_EXTERN int32_t g_lastSaveSlot;
|
||||
G_EXTERN int32_t g_rpgBlastRadius;
|
||||
G_EXTERN int32_t g_pipebombBlastRadius;
|
||||
G_EXTERN int32_t g_tripbombBlastRadius;
|
||||
G_EXTERN int32_t g_shrinkerBlastRadius;
|
||||
G_EXTERN int32_t g_morterBlastRadius;
|
||||
G_EXTERN int32_t g_bouncemineBlastRadius;
|
||||
G_EXTERN int32_t g_seenineBlastRadius;
|
||||
G_EXTERN char CheatKeys[2];
|
||||
G_EXTERN char setupfilename[BMAX_PATH];
|
||||
extern const char *s_buildDate;
|
||||
extern int32_t g_spriteGravity;
|
||||
extern int16_t g_spriteDeleteQueueSize;
|
||||
extern char EpisodeNames[MAXVOLUMES][33];
|
||||
extern char SkillNames[MAXSKILLS][33];
|
||||
extern char GametypeNames[MAXGAMETYPES][33];
|
||||
extern int32_t GametypeFlags[MAXGAMETYPES];
|
||||
extern char g_numGametypes;
|
||||
extern char g_numVolumes;
|
||||
extern int32_t g_timerTicsPerSecond;
|
||||
extern int32_t g_actorRespawnTime;
|
||||
extern int32_t g_itemRespawnTime;
|
||||
extern int32_t g_scriptSize;
|
||||
extern int16_t BlimpSpawnSprites[15];
|
||||
extern int32_t g_playerFriction;
|
||||
extern int32_t g_numFreezeBounces;
|
||||
extern int32_t g_lastSaveSlot;
|
||||
extern int32_t g_rpgBlastRadius;
|
||||
extern int32_t g_pipebombBlastRadius;
|
||||
extern int32_t g_tripbombBlastRadius;
|
||||
extern int32_t g_shrinkerBlastRadius;
|
||||
extern int32_t g_morterBlastRadius;
|
||||
extern int32_t g_bouncemineBlastRadius;
|
||||
extern int32_t g_seenineBlastRadius;
|
||||
extern char CheatKeys[2];
|
||||
extern char setupfilename[BMAX_PATH];
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
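Review bot: Turning `g_player` from an array into `playerdata_t *const` (in this header and in the two other declarations the commit touches) changes what `sizeof(g_player)` evaluates to, so any clear, copy or save/restore code that sizes itself from the array would now cover only a pointer's worth of bytes. Those callers are not visible in this diff and should be checked. The extra element also only makes index -1 readable: an index below -1 is still out of bounds, a stray write through `g_player[-1]` now goes unnoticed, and bounds-checking tools will no longer flag the bad index in VM_EventCommon_(). I would add a comment above the definition, e.g. `/* g_player_s[0] is a dummy slot so that g_player[-1] is a valid read; real players are g_player[0..MAXPLAYERS-1] */`, and keep an explicit range check on the player index at the call site.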
|
||||
|
|
|
@ -640,7 +640,7 @@ int32_x_MAXSESSIONVARS g_elSessionVar;
|
|||
actor_t actor[MAXSPRITES];
|
||||
camera_t g_camera;
|
||||
user_defs ud;
|
||||
playerdata_t g_player[MAXPLAYERS];
|
||||
playerdata_t *const g_player;
|
||||
DukePlayer_t *g_player_ps[MAXPLAYERS];
|
||||
weapondata_x_MAX_WEAPONS g_playerWeapon[MAXPLAYERS];
|
||||
weapondata_t g_weaponOverridden[MAX_WEAPONS];
|
||||
|
|
|
@ -328,7 +328,7 @@ typedef struct {
|
|||
|
||||
extern input_t inputfifo[MOVEFIFOSIZ][MAXPLAYERS];
|
||||
extern playerspawn_t g_playerSpawnPoints[MAXPLAYERS];
|
||||
extern playerdata_t g_player[MAXPLAYERS];
|
||||
extern playerdata_t *const g_player;
|
||||
extern int16_t WeaponPickupSprites[MAX_WEAPONS];
|
||||
extern hudweapon_t hudweap;
|
||||
extern int32_t g_levelTextTime;
|
||||
|
|