From 2f9ca1750743f59c31dcb4877bb22923ef7badb7 Mon Sep 17 00:00:00 2001 From: terminx Date: Tue, 25 Jun 2019 11:28:40 +0000 Subject: [PATCH] Fix integer overflows in rintersect() and optimize a bit of the logic Some of the variable initialization ordering may look counterintuitive at first, but it's intended to avoid read-after-write memory access penalties. git-svn-id: https://svn.eduke32.com/eduke32@7701 1a8010ca-5511-0410-912e-c29ae57300e0 --- source/build/src/engine.cpp | 33 +++++++++++++++------------------ 1 file changed, 15 insertions(+), 18 deletions(-) diff --git a/source/build/src/engine.cpp b/source/build/src/engine.cpp index 2932d4eac..6f7366ad4 100644 --- a/source/build/src/engine.cpp +++ b/source/build/src/engine.cpp @@ -7563,38 +7563,35 @@ int32_t lintersect(const int32_t originX, const int32_t originY, const int32_t o // // returns: -1 if didn't intersect, coefficient (x3--x4 fraction)<<16 else int32_t rintersect(int32_t x1, int32_t y1, int32_t z1, - int32_t vx_, int32_t vy_, int32_t vz, + int32_t vx, int32_t vy, int32_t vz, int32_t x3, int32_t y3, int32_t x4, int32_t y4, int32_t *intx, int32_t *inty, int32_t *intz) { //p1 towards p2 is a ray - int64_t topt, topu, t; - const int64_t vx=vx_, vy=vy_; - const int64_t x34=x3-x4, y34=y3-y4; - const int64_t bot = vx*y34 - vy*x34; + int64_t const x34=x3-x4, y34=y3-y4; + int64_t const x31=x3-x1, y31=y3-y1; + + int64_t const bot = vx*y34 - vy*x34; + int64_t const topt = x31*y34 - y31*x34; if (bot == 0) return -1; - else if (bot > 0) - { - int64_t x31=x3-x1, y31 = y3-y1; - topt = x31*y34 - y31*x34; if (topt < 0) return -1; - topu = vx*y31 - vy*x31; if (topu < 0 || topu >= bot) return -1; - } - else - { - int32_t x31=x3-x1, y31=y3-y1; - topt = x31*y34 - y31*x34; if (topt > 0) return -1; - topu = vx*y31 - vy*x31; if (topu > 0 || topu <= bot) return -1; - } - t = (topt<<16)/bot; + int64_t const topu = vx*y31 - vy*x31; + + if (bot > 0 && (topt < 0 || topu < 0 || topu >= bot)) + return -1; + else if (bot < 0 && (topt > 0 || topu > 0 || topu <= bot)) + return -1; + + int64_t t = (topt<<16)/bot; *intx = x1 + ((vx*t)>>16); *inty = y1 + ((vy*t)>>16); *intz = z1 + ((vz*t)>>16); t = (topu<<16)/bot; + Bassert((unsigned)t < 65536); return t;