libretro/scummvm
1
0
Fork 0
mirror of https://github.com/libretro/scummvm.git synced 2025-01-04 16:38:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

DIRECTOR: LINGO: Fix constant size check

Browse Source
This commit is contained in:
Scott Percival 2020-01-17 20:36:21 +08:00
parent e8ad1bdec5
commit 329b77bd82
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
engines/director/lingo/lingo-bytecode.cpp
View File

@ -494,14 +494,14 @@ void Lingo::addCodeV4(Common::SeekableSubReadStreamEndian &stream, ScriptType ty
constant.type = STRING;
constant.u.s = new Common::String();
uint32 pointer = value;
if (pointer + 4 >= constsStoreSize) {
if (pointer + 4 > constsStoreSize) {
error("Constant string is too small");
break;
}
uint32 length = READ_BE_UINT32(&constsStore[pointer]);
pointer += 4;
uint32 end = pointer + length;
if (end >= constsStoreSize) {
if (end > constsStoreSize) {
error("Constant string is too large");
break;
}
@ -515,7 +515,7 @@ void Lingo::addCodeV4(Common::SeekableSubReadStreamEndian &stream, ScriptType ty
}
pointer += 1;
}
if (pointer >= constsStoreSize) {
if (pointer > constsStoreSize) {
warning("Constant string has no null terminator");
break;
}