libretro/scummvm
1
0
Fork 0
mirror of https://github.com/libretro/scummvm.git synced 2025-01-21 17:45:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

DIRECTOR: Validate uncompressed chunk length

Browse Source
This commit is contained in:
djsrv 2020-08-12 10:35:40 -04:00
parent f8e8a3ff38
commit 28ca9065d4
3 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
engines/director/archive.cpp
View File

@ -640,15 +640,19 @@ bool RIFXArchive::readAfterburnerMap(Common::SeekableSubReadStreamEndian &stream
}
uint32 abmpLength = readVarInt(stream);
uint32 abmpCompressionType = readVarInt(stream);
uint32 abmpUncompLength = readVarInt(stream);
debug(3, "ABMP: length: %d compressionType: %d uncompressedLength: %d",
unsigned long abmpUncompLength = readVarInt(stream);
unsigned long abmpActualUncompLength = abmpUncompLength;
debug(3, "ABMP: length: %d compressionType: %d uncompressedLength: %lu",
abmpLength, abmpCompressionType, abmpUncompLength);
Common::SeekableReadStreamEndian *abmpStream = readZlibData(stream, abmpLength, abmpUncompLength, _isBigEndian);
Common::SeekableReadStreamEndian *abmpStream = readZlibData(stream, abmpLength, &abmpActualUncompLength, _isBigEndian);
if (!abmpStream) {
warning("RIFXArchive::readAfterburnerMap(): Could not uncompress ABMP");
return false;
}
if (abmpUncompLength != abmpActualUncompLength) {
warning("ABMP: Expected uncompressed length %lu but got length %lu", abmpUncompLength, abmpActualUncompLength);
}
if (ConfMan.getBool("dump_scripts")) {
Common::DumpFile out;

8
engines/director/util.cpp
View File

@ -671,20 +671,20 @@ uint32 readVarInt(Common::SeekableReadStream &stream) {
return val;
}
Common::SeekableReadStreamEndian *readZlibData(Common::SeekableReadStream &stream, unsigned long len, unsigned long outLen, bool bigEndian) {
Common::SeekableReadStreamEndian *readZlibData(Common::SeekableReadStream &stream, unsigned long len, unsigned long *outLen, bool bigEndian) {
#ifdef USE_ZLIB
byte *in = (byte *)malloc(len);
byte *out = (byte *)malloc(outLen);
byte *out = (byte *)malloc(*outLen);
stream.read(in, len);
if (!Common::uncompress(out, &outLen, in, len)) {
if (!Common::uncompress(out, outLen, in, len)) {
free(in);
free(out);
return nullptr;
}
free(in);
return new Common::MemoryReadStreamEndian(out, outLen, bigEndian);
return new Common::MemoryReadStreamEndian(out, *outLen, bigEndian);
# else
return nullptr;
# endif

2
engines/director/util.h
View File

@ -78,7 +78,7 @@ private:
uint32 readVarInt(Common::SeekableReadStream &stream);
Common::SeekableReadStreamEndian *readZlibData(Common::SeekableReadStream &stream, unsigned long len, unsigned long outLen, bool bigEndian);
Common::SeekableReadStreamEndian *readZlibData(Common::SeekableReadStream &stream, unsigned long len, unsigned long *outLen, bool bigEndian);
} // End of namespace Director