libretro/scummvm
1
0
Fork 0
mirror of https://github.com/libretro/scummvm.git synced 2025-02-22 12:12:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

AGI: Fix uninit memory use, crash on error

Browse Source 
Fixes random crashes when an illegal opcode is encountered.

See bug #14699
This commit is contained in:
sluicebox 2024-01-01 21:58:44 -08:00
parent ad9537227b
commit 0877da67b2
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
engines/agi/op_cmd.cpp
View File

@ -2439,16 +2439,16 @@ int AgiEngine::runLogic(int16 logicNr) {
_game.execStack.pop_back();
return 1;
default:
if (!_opCodes[op].functionPtr) {
error("Illegal opcode %x in logic %d, ip %d", op, state->curLogicNr, state->_curLogic->cIP);
}
curParameterSize = _opCodes[op].parameterSize;
memmove(p, state->_curLogic->data + state->_curLogic->cIP, curParameterSize);
memset(p + curParameterSize, 0, CMD_BSIZE - curParameterSize);
debugC(2, kDebugLevelScripts, "%s%s(%d %d %d)", st, _opCodes[op].name, p[0], p[1], p[2]);
if (!_opCodes[op].functionPtr) {
error("Illegal opcode %x in logic %d, ip %d", op, state->curLogicNr, state->_curLogic->cIP);
}
_opCodes[op].functionPtr(&_game, this, p);
state->_curLogic->cIP += curParameterSize;
}

8
engines/agi/opcodes.cpp
View File

@ -366,8 +366,6 @@ void AgiEngine::setupOpCodes(uint16 version) {
const AgiOpCodeDefinitionEntry *opCodesCondTable = nullptr;
uint16 opCodesTableSize = 0;
uint16 opCodesCondTableSize = 0;
uint16 opCodesTableMaxSize = sizeof(_opCodes) / sizeof(AgiOpCodeEntry);
uint16 opCodesCondTableMaxSize = sizeof(_opCodesCond) / sizeof(AgiOpCodeEntry);
debug(0, "Setting up for version 0x%04X", version);
@ -443,16 +441,18 @@ void AgiEngine::setupOpCodes(uint16 version) {
_opCodes[182].parameters = "vv";
// add invalid entries for every opcode, that is not defined at all
for (int opCodeNr = opCodesTableSize; opCodeNr < opCodesTableMaxSize; opCodeNr++) {
for (int opCodeNr = opCodesTableSize; opCodeNr < ARRAYSIZE(_opCodes); opCodeNr++) {
_opCodes[opCodeNr].name = "illegal";
_opCodes[opCodeNr].parameters = "";
_opCodes[opCodeNr].functionPtr = nullptr;
_opCodes[opCodeNr].parameterSize = 0;
}
for (int opCodeNr = opCodesCondTableSize; opCodeNr < opCodesCondTableMaxSize; opCodeNr++) {
for (int opCodeNr = opCodesCondTableSize; opCodeNr < ARRAYSIZE(_opCodesCond); opCodeNr++) {
_opCodesCond[opCodeNr].name = "illegal";
_opCodesCond[opCodeNr].parameters = "";
_opCodesCond[opCodeNr].functionPtr = nullptr;
_opCodesCond[opCodeNr].parameterSize = 0;
}
// calculate parameter size