C-CON: add safety checks for qgetsysstr/STR_{,MAP,PLAYER,VOLUME}NAME.

Add test/qgetsysstr.con. BUILD_LUNATIC.

git-svn-id: https://svn.eduke32.com/eduke32@4380 1a8010ca-5511-0410-912e-c29ae57300e0
helixhorned 2014-03-16 14:37:54 +00:00
parent 5be1c322b2
commit c797298b6a
2 changed files with 81 additions and 3 deletions


@ -2131,12 +2131,36 @@ skip_check:
switch (j) switch (j)
{ {
case STR_MAPNAME: case STR_MAPNAME:
Bstrcpy(ScriptQuotes[i],MapInfo[ud.volume_number*MAXLEVELS + ud.level_number].name);
break;
case STR_MAPFILENAME: case STR_MAPFILENAME:
Bstrcpy(ScriptQuotes[i],MapInfo[ud.volume_number*MAXLEVELS + ud.level_number].filename); {
int32_t idx = ud.volume_number*MAXLEVELS + ud.level_number;
const char *src;
if ((unsigned)idx >= ARRAY_SIZE(MapInfo))
{
CON_ERRPRINTF("out of bounds map number (vol=%d, lev=%d)\n",
ud.volume_number, ud.level_number);
break; break;
}
src = j==STR_MAPNAME ? MapInfo[idx].name : MapInfo[idx].filename;
if (src == NULL)
{
CON_ERRPRINTF("attempted access to %s of non-existent map (vol=%d, lev=%d)",
j==STR_MAPNAME ? "name" : "file name",
ud.volume_number, ud.level_number);
break;
}
Bstrcpy(ScriptQuotes[i], j==STR_MAPNAME ? MapInfo[idx].name : MapInfo[idx].filename);
break;
}
case STR_PLAYERNAME: case STR_PLAYERNAME:
if ((unsigned)vm.g_p >= (unsigned)playerswhenstarted)
{
CON_ERRPRINTF("Invalid player ID %d\n", vm.g_p);
break;
}
Bstrcpy(ScriptQuotes[i],g_player[vm.g_p].user_name); Bstrcpy(ScriptQuotes[i],g_player[vm.g_p].user_name);
break; break;
case STR_VERSION: case STR_VERSION:
@ -2147,6 +2171,11 @@ skip_check:
Bstrcpy(ScriptQuotes[i],GametypeNames[ud.coop]); Bstrcpy(ScriptQuotes[i],GametypeNames[ud.coop]);
break; break;
case STR_VOLUMENAME: case STR_VOLUMENAME:
if ((unsigned)ud.volume_number >= MAXVOLUMES)
{
CON_ERRPRINTF("invalid volume (%d)\n", ud.volume_number);
break;
}
Bstrcpy(ScriptQuotes[i],EpisodeNames[ud.volume_number]); Bstrcpy(ScriptQuotes[i],EpisodeNames[ud.volume_number]);
break; break;
default: default:
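Review bot: The new guard in the STR_MAPNAME/STR_MAPFILENAME branch validates only the combined `idx`, so a level number outside 0..MAXLEVELS-1 paired with a non-zero volume (a negative level, for instance) can still land inside `MapInfo` and silently read another volume's entry; the product is also formed, before any check, from values that a script can apparently set freely. Checking the component first, e.g. `if ((unsigned)ud.level_number >= MAXLEVELS || (unsigned)idx >= ARRAY_SIZE(MapInfo))`, would close that; the declared size of `MapInfo` is not visible here, so the volume bound is left to the existing comparison. Separately, the final copy can reuse the pointer that was just validated, `Bstrcpy(ScriptQuotes[i], src);`, rather than repeating the ternary, and the "non-existent map" message lacks the trailing `\n` that the other messages carry. The enclosing function begins and ends outside these hunks.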


@ -0,0 +1,49 @@
gamevar vol 0 0
gamevar lev 0 0
// out-of-bounds volume/level numbers
gamevar badvol_oob 99 0
gamevar badlev_oob 999 0
// volume/level numbers for which no level is defined
gamevar badvol_nd 3 0
gamevar badlev_nd 32 0
definequote 255 <temp>
onevent EVENT_ENTERLEVEL
// must fail, since the current player is -1 in this event
qgetsysstr 255 STR_PLAYERNAME
endevent
onevent EVENT_USESTEROIDS
getuserdef .volume_number vol
setuserdef .volume_number badvol_oob // LunaCON errors here
qgetsysstr 255 STR_VOLUMENAME // C-CON errors here
setuserdef .volume_number vol
endevent
onevent EVENT_USEJETPACK
getuserdef .volume_number vol
getuserdef .level_number lev
setuserdef .volume_number badvol_oob // LunaCON errors here
setuserdef .level_number badlev_oob
qgetsysstr 255 STR_MAPNAME // C-CON errors here
setuserdef .volume_number vol
setuserdef .level_number lev
endevent
onevent EVENT_JUMP
getuserdef .volume_number vol
getuserdef .level_number lev
setuserdef .volume_number badvol_nd
setuserdef .level_number badlev_nd
qgetsysstr 255 STR_MAPFILENAME // LunaCON, C-CON error here
setuserdef .volume_number vol
setuserdef .level_number lev
endevent
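Review bot: No case in this file puts only one of volume/level out of range: EVENT_USEJETPACK makes both invalid at once, so the test cannot show whether the level number is validated independently of the combined map index that the C side checks. A further event with a valid volume and a negative level, using something like `gamevar badlev_neg -1 0` followed by `qgetsysstr 255 STR_MAPNAME`, would pin that down (assuming C-CON accepts the negative `setuserdef`, as it appears to accept 99 and 999). A short header comment stating how the events are meant to be triggered and what output counts as a pass would also help the next reader.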