diff --git a/docs/rh-log.txt b/docs/rh-log.txt index 5ec9411ca9..97f42438ce 100644 --- a/docs/rh-log.txt +++ b/docs/rh-log.txt @@ -1,4 +1,10 @@ January 22, 2007 +- Added a range check for the PNG grAb chunks. +- Fixed: AddLine() could corrupt memory if the length of the text being + added was longer than the console buffer. +- Fixed: FTexture::GetScaled(Left|Top)Offset returned the Width and Height + instead when the scale values were 0. +- Removed the unnecessary "mov ecx,c" from mscinlines.h:Scale(). - Fixed: The simulated palette blend used when the console is down needs to force a full screen update the next frame. - Fixed: LocalViewPitch could overflow and wrap around when a netgame stalls. diff --git a/src/c_console.cpp b/src/c_console.cpp index 3fa5eca2b8..35137af6b1 100644 --- a/src/c_console.cpp +++ b/src/c_console.cpp @@ -637,6 +637,11 @@ static void AddLine (const char *text, bool more, int len) TopLine = FlushLines (BufferRover, ConsoleBuffer + CONSOLESIZE); BufferRover = ConsoleBuffer; } + if (len >= CONSOLESIZE - 1) + { + text = text + len - CONSOLESIZE + 1; + len = CONSOLESIZE - 1; + } TopLine = FlushLines (BufferRover, BufferRover + len + 1); memcpy (BufferRover, text, len); BufferRover[len] = 0; diff --git a/src/mscinlines.h b/src/mscinlines.h index fac162fc89..9e14668ab4 100644 --- a/src/mscinlines.h +++ b/src/mscinlines.h @@ -23,9 +23,8 @@ __forceinline SDWORD Scale (SDWORD a, SDWORD b, SDWORD c) { __asm mov eax,a - __asm mov ecx,c __asm imul b - __asm idiv ecx + __asm idiv c } __forceinline SDWORD MulScale (SDWORD a, SDWORD b, SDWORD c) diff --git a/src/r_defs.h b/src/r_defs.h index e1497ffe8a..b694b17c49 100644 --- a/src/r_defs.h +++ b/src/r_defs.h @@ -652,8 +652,8 @@ public: int GetScaledWidth () { return ScaleX ? DivScale3(Width, ScaleX) : Width; } int GetScaledHeight () { return ScaleY ? DivScale3(Height, ScaleY) : Height; } - int GetScaledLeftOffset () { return ScaleX ? DivScale3(LeftOffset, ScaleX) : Width; } - int GetScaledTopOffset () { return ScaleY ? DivScale3(TopOffset, ScaleY) : Height; } + int GetScaledLeftOffset () { return ScaleX ? DivScale3(LeftOffset, ScaleX) : LeftOffset; } + int GetScaledTopOffset () { return ScaleY ? DivScale3(TopOffset, ScaleY) : TopOffset; } virtual void SetFrontSkyLayer(); diff --git a/src/textures/pngtexture.cpp b/src/textures/pngtexture.cpp index f755544a28..66d8098ab5 100644 --- a/src/textures/pngtexture.cpp +++ b/src/textures/pngtexture.cpp @@ -154,10 +154,23 @@ FPNGTexture::FPNGTexture (FileReader &lump, int lumpnum, int width, int height, // This is like GRAB found in an ILBM, except coordinates use 4 bytes { DWORD hotx, hoty; - + int ihotx, ihoty; + lump >> hotx >> hoty; - LeftOffset = BigLong((int)hotx); - TopOffset = BigLong((int)hoty); + ihotx = BigLong((int)hotx); + ihoty = BigLong((int)hoty); + if (ihotx < -32768 || ihotx > 32767) + { + Printf ("X-Offset for PNG texture %s is bad: %d (0x%08x)\n", Wads.GetLumpFullName (lumpnum), ihotx, ihotx); + ihotx = 0; + } + if (ihoty < -32768 || ihoty > 32767) + { + Printf ("Y-Offset for PNG texture %s is bad: %d (0x%08x)\n", Wads.GetLumpFullName (lumpnum), ihoty, ihoty); + ihoty = 0; + } + LeftOffset = (int)ihotx; + TopOffset = (int)ihoty; } break;