baselayer.c: fix an oob write to ylookup[] intoduced in r4695.

On Linux, it started manifesting itself since r4719 as crashes whose
backtraces pointed to malloc() and were not helpful. Valgrind finally
uncovered this.

git-svn-id: https://svn.eduke32.com/eduke32@4724 1a8010ca-5511-0410-912e-c29ae57300e0
This commit is contained in:
helixhorned 2014-11-06 23:43:47 +00:00
parent 502f5dac64
commit e8553b5398
2 changed files with 5 additions and 6 deletions

View file

@ -757,7 +757,6 @@ EXTERN int32_t yxaspect, viewingrange;
extern "C" { extern "C" {
#endif #endif
EXTERN intptr_t *ylookup; EXTERN intptr_t *ylookup;
EXTERN int32_t ylookupsiz;
#ifdef __cplusplus #ifdef __cplusplus
}; };
#endif #endif

View file

@ -187,15 +187,15 @@ int32_t nx_unprotect(intptr_t beg, intptr_t end)
void calc_ylookup(int32_t bpl, int32_t lastyidx) void calc_ylookup(int32_t bpl, int32_t lastyidx)
{ {
int32_t i, j=0; int32_t i, j=0;
static int32_t ylookupsiz;
lastyidx++;
Bassert(lastyidx <= MAXYDIM); Bassert(lastyidx <= MAXYDIM);
lastyidx++;
if (lastyidx > ylookupsiz) if (lastyidx > ylookupsiz)
{ {
if (ylookup) Baligned_free(ylookup);
Baligned_free(ylookup);
ylookup = (intptr_t *)Xaligned_alloc(16, lastyidx * sizeof(intptr_t)); ylookup = (intptr_t *)Xaligned_alloc(16, lastyidx * sizeof(intptr_t));
#if !defined(NOASM) && !defined(GEKKO) && !defined(__ANDROID__) #if !defined(NOASM) && !defined(GEKKO) && !defined(__ANDROID__)
@ -213,7 +213,7 @@ void calc_ylookup(int32_t bpl, int32_t lastyidx)
j += (bpl << 2); j += (bpl << 2);
} }
for (; i<=lastyidx; i++) for (; i<lastyidx; i++)
{ {
ylookup[i] = j; ylookup[i] = j;
j += bpl; j += bpl;