libretro/scummvm
1
0
Fork 0
mirror of https://github.com/libretro/scummvm.git synced 2024-12-12 03:56:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added a safeguard to readBundleFile so it shouldn't corrupt memory even if the input says the data's unpacked size is less than its packed size (This shouldn't ever happen with non-corrupted data).

Browse Source 
svn-id: r33782
This commit is contained in:
Kari Salminen 2008-08-11 20:18:33 +00:00
parent 02c9cb35f4
commit c1462dda14
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
engines/cine/part.cpp
View File

@ -212,18 +212,18 @@ int16 findFileInBundle(const char *fileName) {
return -1;
}
void readFromPart(int16 idx, byte *dataPtr) {
void readFromPart(int16 idx, byte *dataPtr, uint32 maxSize) {
setMouseCursor(MOUSE_CURSOR_DISK);
g_cine->_partFileHandle.seek(partBuffer[idx].offset, SEEK_SET);
g_cine->_partFileHandle.read(dataPtr, partBuffer[idx].packedSize);
g_cine->_partFileHandle.read(dataPtr, MIN(partBuffer[idx].packedSize, maxSize));
}
byte *readBundleFile(int16 foundFileIdx) {
assert(foundFileIdx >= 0 && foundFileIdx < numElementInPart);
bool error = false;
byte *dataPtr = (byte *)calloc(partBuffer[foundFileIdx].unpackedSize, 1);
readFromPart(foundFileIdx, dataPtr);
readFromPart(foundFileIdx, dataPtr, partBuffer[foundFileIdx].unpackedSize);
if (partBuffer[foundFileIdx].unpackedSize > partBuffer[foundFileIdx].packedSize) {
CineUnpacker cineUnpacker;
error = !cineUnpacker.unpack(dataPtr, partBuffer[foundFileIdx].packedSize, dataPtr, partBuffer[foundFileIdx].unpackedSize);

2
engines/cine/part.h
View File

@ -44,7 +44,7 @@ void closePart(void);
int16 findFileInBundle(const char *fileName);
void readFromPart(int16 idx, byte *dataPtr);
void readFromPart(int16 idx, byte *dataPtr, uint32 maxSize);
byte *readBundleFile(int16 foundFileIdx);
byte *readBundleSoundFile(const char *entryName, uint32 *size = 0);