zdoom/gzdoom-gles
0
0
Fork 0
mirror of https://github.com/ZDoom/gzdoom-gles.git synced 2024-11-10 23:01:59 +00:00
Code Issues Projects Releases Packages Wiki Activity

- fill array of objects with nulls on reserve

Browse source 
When item of object array is reserved but not written, it contains random garbage that is treated as valid pointer by VM and GC

https://forum.zdoom.org/viewtopic.php?t=69703
This commit is contained in:
alexey.lysiuk 2020-08-29 13:06:46 +03:00
parent f46e3bacb2
commit 60886f389c
1 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
src/common/scripting/core/dynarrays.cpp
View file

@ -121,6 +121,17 @@ template<class T> unsigned int ArrayReserve(T *self, int amount)
return self->Reserve(amount); return self->Reserve(amount);
} }
template<> unsigned int ArrayReserve(TArray<DObject*> *self, int amount)
{
const unsigned int oldSize = self->Reserve(amount);
const unsigned int fillCount = self->Size() - oldSize;
if (fillCount > 0)
memset(&(*self)[oldSize], 0, sizeof(DObject*) * fillCount);
return oldSize;
}
template<class T> int ArrayMax(T *self) template<class T> int ArrayMax(T *self)
{ {
return self->Max(); return self->Max();
@ -908,7 +919,7 @@ DEFINE_ACTION_FUNCTION_NATIVE(FDynArray_Obj, Reserve, ArrayReserve<FDynArray_Obj
{ {
PARAM_SELF_STRUCT_PROLOGUE(FDynArray_Obj); PARAM_SELF_STRUCT_PROLOGUE(FDynArray_Obj);
PARAM_INT(count); PARAM_INT(count);
ACTION_RETURN_INT(self->Reserve(count)); ACTION_RETURN_INT(ArrayReserve(self, count));
} }
DEFINE_ACTION_FUNCTION_NATIVE(FDynArray_Obj, Max, ArrayMax<FDynArray_Obj>) DEFINE_ACTION_FUNCTION_NATIVE(FDynArray_Obj, Max, ArrayMax<FDynArray_Obj>)