yquake2/yquake2remaster
0
0
Fork 0
mirror of https://github.com/yquake2/yquake2remaster.git synced 2025-01-19 16:00:56 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #549 from 0lvin/fix_big_pak

Browse source 
Dynamically allocate memory on PAK directory read
This commit is contained in:
Yamagi 2020-04-20 08:58:47 +02:00 committed by GitHub
commit 642c2259aa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/client/vid/glimp_sdl.c
View file

@ -54,6 +54,12 @@ static int num_displays = 0;
static void
ClampDisplayIndexCvar(void)
{
if (!vid_displayindex)
{
// uninitialized render?
return;
}
if (vid_displayindex->value < 0 || vid_displayindex->value >= num_displays)
{
Cvar_SetValue("vid_displayindex", 0);
@ -179,7 +185,7 @@ CreateSDLWindow(int flags, int w, int h)
}
else
{
Com_Printf("User requested %ix%i@%i, setting closest mode %ix%i@%i\n",
Com_Printf("User requested %ix%i@%i, setting closest mode %ix%i@%i\n",
w, h, requested_mode.refresh_rate, w, h, closest_mode.refresh_rate);
if (SDL_SetWindowDisplayMode(window, &closest_mode) != 0)

30
src/common/filesystem.c
View file

@ -701,7 +701,7 @@ FS_LoadPAK(const char *packPath)
fsPackFile_t *files; /* List of files in PAK. */
fsPack_t *pack; /* PAK file. */
dpackheader_t header; /* PAK file header. */
dpackfile_t info[MAX_FILES_IN_PACK]; /* PAK info. */
dpackfile_t *info = NULL; /* PAK info. */
handle = Q_fopen(packPath, "rb");
@ -715,7 +715,7 @@ FS_LoadPAK(const char *packPath)
if (LittleLong(header.ident) != IDPAKHEADER)
{
fclose(handle);
Com_Error(ERR_FATAL, "FS_LoadPAK: '%s' is not a pack file", packPath);
Com_Error(ERR_FATAL, "%s: '%s' is not a pack file", __func__, packPath);
}
header.dirofs = LittleLong(header.dirofs);
@ -723,11 +723,24 @@ FS_LoadPAK(const char *packPath)
numFiles = header.dirlen / sizeof(dpackfile_t);
if ((numFiles > MAX_FILES_IN_PACK) || (numFiles == 0))
if ((numFiles == 0) || (header.dirlen < 0) || (header.dirofs < 0))
{
fclose(handle);
Com_Error(ERR_FATAL, "FS_LoadPAK: '%s' has %i files",
packPath, numFiles);
Com_Error(ERR_FATAL, "%s: '%s' is too short.",
__func__, packPath);
}
if (numFiles > MAX_FILES_IN_PACK)
{
Com_Printf("%s: '%s' has %i > %i files\n",
__func__, packPath, numFiles, MAX_FILES_IN_PACK);
}
info = malloc(header.dirlen);
if (!info)
{
Com_Error(ERR_FATAL, "%s: '%s' is to big for read %d",
__func__, packPath, header.dirlen);
}
files = Z_Malloc(numFiles * sizeof(fsPackFile_t));
@ -742,6 +755,7 @@ FS_LoadPAK(const char *packPath)
files[i].offset = LittleLong(info[i].filepos);
files[i].size = LittleLong(info[i].filelen);
}
free(info);
pack = Z_Malloc(sizeof(fsPack_t));
Q_strlcpy(pack->name, packPath, sizeof(pack->name));
@ -793,11 +807,11 @@ FS_LoadPK3(const char *packPath)
numFiles = global.number_entry;
if ((numFiles > MAX_FILES_IN_PACK) || (numFiles == 0))
if (numFiles <= 0)
{
unzClose(handle);
Com_Error(ERR_FATAL, "FS_LoadPK3: '%s' has %i files",
packPath, numFiles);
Com_Error(ERR_FATAL, "%s: '%s' has %i files",
__func__, packPath, numFiles);
}
files = Z_Malloc(numFiles * sizeof(fsPackFile_t));