_stringBuffer can have multiple strings, i.e. in pajama2 startup.

Add safety check for buffer size.

svn-id: r17581
Travis Howell 2005-04-13 10:34:47 +00:00
parent b8d3bec568
commit d3ea799f23
7 changed files with 95 additions and 63 deletions


@ -752,11 +752,17 @@ protected:
#endif #endif
const OpcodeEntryV72he *_opcodesV72he; const OpcodeEntryV72he *_opcodesV72he;
int _stringLength, _stringStart;
byte _stringBuffer[4096];
WizParameters _wizParams; WizParameters _wizParams;
public: public:
ScummEngine_v72he(GameDetector *detector, OSystem *syst, const ScummGameSettings &gs, uint8 md5sum[16]) : ScummEngine_v70he(detector, syst, gs, md5sum) {} ScummEngine_v72he(GameDetector *detector, OSystem *syst, const ScummGameSettings &gs, uint8 md5sum[16]) : ScummEngine_v70he(detector, syst, gs, md5sum) {}
virtual void scummInit();
protected: protected:
virtual void setupOpcodes(); virtual void setupOpcodes();
virtual void executeOpcode(byte i); virtual void executeOpcode(byte i);
@ -796,7 +802,7 @@ protected:
virtual void decodeParseString(int a, int b); virtual void decodeParseString(int a, int b);
void decodeScriptString(byte *dst, bool scriptString = false); void decodeScriptString(byte *dst, bool scriptString = false);
void copyScriptString(byte *dst); void copyScriptString(byte *dst, int dstSize);
byte *heFindResourceData(uint32 tag, byte *ptr); byte *heFindResourceData(uint32 tag, byte *ptr);
byte *heFindResource(uint32 tag, byte *ptr); byte *heFindResource(uint32 tag, byte *ptr);
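Review bot: The new `_stringBuffer`/`_stringLength` members have a layout that the push and pop code elsewhere in this commit depends on, but nothing at the declaration states it. A comment such as `// NUL-separated string stack; [0] is a sentinel NUL, _stringLength is the next free index (starts at 1)` matches what scummInit() and copyScriptString() do here and makes the bounds checks reviewable. `_stringStart` is assigned in scummInit() but not read in any hunk shown, so its purpose should be documented or the member dropped. The capacity 4096 is repeated as a literal in o72_addMessageToStack(); `sizeof(_stringBuffer)` or a named constant there would keep that check tied to this declaration.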


@ -446,7 +446,7 @@ void ScummEngine_v100he::o100_actorOps() {
debug(1,"o100_actorOps: case 32 (%d)", i); debug(1,"o100_actorOps: case 32 (%d)", i);
break; break;
case 52: // SO_ACTOR_NAME case 52: // SO_ACTOR_NAME
copyScriptString(string); copyScriptString(string, sizeof(string));
loadPtrToResource(rtActorName, a->_number, string); loadPtrToResource(rtActorName, a->_number, string);
break; break;
case 53: // SO_ACTOR_NEW case 53: // SO_ACTOR_NEW
@ -483,7 +483,7 @@ void ScummEngine_v100he::o100_actorOps() {
break; break;
case 78: case 78:
{ {
copyScriptString(string); copyScriptString(string, sizeof(string));
int slot = pop(); int slot = pop();
int len = resStrLen(string) + 1; int len = resStrLen(string) + 1;
@ -596,7 +596,7 @@ void ScummEngine_v100he::o100_arrayOps() {
memcpy(ah->data, string, len); memcpy(ah->data, string, len);
break; break;
case 77: // SO_ASSIGN_STRING case 77: // SO_ASSIGN_STRING
copyScriptString(string); copyScriptString(string, sizeof(string));
len = resStrLen(string) + 1; len = resStrLen(string) + 1;
ah = defineArray(array, kStringArray, 0, 0, 0, len); ah = defineArray(array, kStringArray, 0, 0, 0, len);
memcpy(ah->data, string, len); memcpy(ah->data, string, len);
@ -979,7 +979,7 @@ void ScummEngine_v100he::o100_setSpriteGroupInfo() {
spriteGroupSet_inc_tx_ty(_curSpriteGroupId, value1, value2); spriteGroupSet_inc_tx_ty(_curSpriteGroupId, value1, value2);
break; break;
case 52: case 52:
copyScriptString(string); copyScriptString(string, sizeof(string));
break; break;
case 53: case 53:
if (!_curSpriteGroupId) if (!_curSpriteGroupId)
@ -1200,7 +1200,7 @@ void ScummEngine_v100he::o100_wizImageOps() {
case 47: case 47:
_wizParams.processFlags |= kWPFUseFile; _wizParams.processFlags |= kWPFUseFile;
_wizParams.processMode = 3; _wizParams.processMode = 3;
copyScriptString(_wizParams.filename); copyScriptString(_wizParams.filename, sizeof(_wizParams.filename));
break; break;
case 53: case 53:
_wizParams.processMode = 8; _wizParams.processMode = 8;
@ -1235,7 +1235,7 @@ void ScummEngine_v100he::o100_wizImageOps() {
case 64: case 64:
_wizParams.processFlags |= kWPFUseFile; _wizParams.processFlags |= kWPFUseFile;
_wizParams.processMode = 4; _wizParams.processMode = 4;
copyScriptString(_wizParams.filename); copyScriptString(_wizParams.filename, sizeof(_wizParams.filename));
_wizParams.fileWriteMode = pop(); _wizParams.fileWriteMode = pop();
break; break;
case 65: case 65:
@ -1272,7 +1272,7 @@ void ScummEngine_v100he::o100_wizImageOps() {
pop(); pop();
pop(); pop();
pop(); pop();
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
_wizParams.processMode = 15; _wizParams.processMode = 15;
break; break;
case 129: case 129:
@ -1282,7 +1282,7 @@ void ScummEngine_v100he::o100_wizImageOps() {
_wizParams.processMode = 16; _wizParams.processMode = 16;
pop(); pop();
pop(); pop();
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
break; break;
case 131: case 131:
_wizParams.processMode = 13; _wizParams.processMode = 13;
@ -1589,7 +1589,7 @@ void ScummEngine_v100he::o100_roomOps() {
break; break;
case 137: case 137:
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
_saveLoadFlag = pop(); _saveLoadFlag = pop();
_saveLoadSlot = 1; _saveLoadSlot = 1;
_saveTemporaryState = true; _saveTemporaryState = true;
@ -1833,7 +1833,7 @@ void ScummEngine_v100he::o100_setSpriteInfo() {
spriteInfoSet_Inc_tx_ty(spriteId, args[0], args[1]); spriteInfoSet_Inc_tx_ty(spriteId, args[0], args[1]);
break; break;
case 52: case 52:
copyScriptString(string); copyScriptString(string, sizeof(string));
break; break;
case 53: case 53:
if (_curSpriteId > _curMaxSpriteId) if (_curSpriteId > _curMaxSpriteId)
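Review bot: `sizeof(string)` and `sizeof(filename)` give the buffer capacity only when the argument is a real array in scope, and none of the declarations are visible in these hunks, so each call site in o100_actorOps, o100_arrayOps, o100_wizImageOps, o100_roomOps and the two sprite opcodes needs checking for that. If any of them is a `byte *` parameter or a pointer member, the call would pass the pointer size and copyScriptString() would treat the destination as 4 or 8 bytes long. The same check applies to the call-site-only sections further down that touch the ScummEngine_v80he and ScummEngine_v90he opcodes. Every enclosing function starts and ends outside its hunk.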


@ -518,20 +518,39 @@ void ScummEngine_v72he::readArrayFromIndexFile() {
} }
} }
void ScummEngine_v72he::copyScriptString(byte *dst) { void ScummEngine_v72he::copyScriptString(byte *dst, int dstSize) {
int i = 0; byte string[256];
byte b; byte chr;
int pos = 0;
int array = pop(); int array = pop();
if (array == -1) { if (array == -1) {
int len = resStrLen(_stringBuffer) + 1; if (_stringLength == 1)
error("String stack underflow");
_stringLength -= 2;
while ((chr = _stringBuffer[_stringLength]) != 0) {
string[pos] = chr;
pos++;
if (pos > dstSize)
error("String too long to pop");
_stringLength--;
}
string[pos] = 0;
_stringLength++;
// Reverse string
int len = resStrLen(string);
while (len--) while (len--)
*dst++ = _stringBuffer[i++]; *dst++ = string[len];
} else { } else {
writeVar(0, array); writeVar(0, array);
while ((b = readArray(0, 0, i)) != 0) { while ((chr = readArray(0, 0, pos)) != 0) {
*dst++ = b; *dst++ = chr;
i++; pos++;
} }
} }
*dst = 0; *dst = 0;
@ -556,7 +575,7 @@ void ScummEngine_v72he::decodeScriptString(byte *dst, bool scriptString) {
len = resStrLen(_scriptPointer); len = resStrLen(_scriptPointer);
_scriptPointer += len + 1; _scriptPointer += len + 1;
} else { } else {
copyScriptString(string); copyScriptString(string, sizeof(string));
len = resStrLen(string) + 1; len = resStrLen(string) + 1;
} }
@ -719,14 +738,18 @@ void ScummEngine_v72he::o72_pushDWord() {
} }
void ScummEngine_v72he::o72_addMessageToStack() { void ScummEngine_v72he::o72_addMessageToStack() {
_stringLength = resStrLen(_scriptPointer) + 1; byte chr;
addMessageToStack(_scriptPointer, _stringBuffer, _stringLength);
// Filter out pointless trace messages, which often flood while ((chr = fetchScriptByte()) != 0) {
if (strcmp((char *)_stringBuffer, "no trace") && strcmp((char *)_stringBuffer, "trace on")) _stringBuffer[_stringLength] = chr;
debug(1,"o72_addMessageToStack(\"%s\")", _scriptPointer); _stringLength++;
_scriptPointer += _stringLength; if (_stringLength >= 4096)
error("String stack overflow");
}
_stringBuffer[_stringLength] = 0;
_stringLength++;
} }
void ScummEngine_v72he::o72_isAnyOf() { void ScummEngine_v72he::o72_isAnyOf() {
@ -1030,7 +1053,7 @@ void ScummEngine_v72he::o72_roomOps() {
break; break;
case 221: case 221:
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
_saveLoadFlag = pop(); _saveLoadFlag = pop();
_saveLoadSlot = 1; _saveLoadSlot = 1;
_saveTemporaryState = true; _saveTemporaryState = true;
@ -1166,7 +1189,7 @@ void ScummEngine_v72he::o72_actorOps() {
a->_talkColor = pop(); a->_talkColor = pop();
break; break;
case 88: // SO_ACTOR_NAME case 88: // SO_ACTOR_NAME
copyScriptString(string); copyScriptString(string, sizeof(string));
loadPtrToResource(rtActorName, a->_number, string); loadPtrToResource(rtActorName, a->_number, string);
break; break;
case 89: // SO_INIT_ANIMATION case 89: // SO_INIT_ANIMATION
@ -1239,7 +1262,7 @@ void ScummEngine_v72he::o72_actorOps() {
break; break;
case 225: case 225:
{ {
copyScriptString(string); copyScriptString(string, sizeof(string));
int slot = pop(); int slot = pop();
int len = resStrLen(string) + 1; int len = resStrLen(string) + 1;
@ -1280,7 +1303,7 @@ void ScummEngine_v72he::o72_verbOps() {
} }
break; break;
case 125: // SO_VERB_NAME case 125: // SO_VERB_NAME
copyScriptString(name); copyScriptString(name, sizeof(name));
loadPtrToResource(rtVerb, slot, name); loadPtrToResource(rtVerb, slot, name);
vs->type = kTextVerbType; vs->type = kTextVerbType;
vs->imgindex = 0; vs->imgindex = 0;
@ -1394,7 +1417,7 @@ void ScummEngine_v72he::o72_arrayOps() {
debug(1,"o72_arrayOps: case %d", subOp); debug(1,"o72_arrayOps: case %d", subOp);
switch (subOp) { switch (subOp) {
case 7: // SO_ASSIGN_STRING case 7: // SO_ASSIGN_STRING
copyScriptString(string); copyScriptString(string, sizeof(string));
len = resStrLen(string) + 1; len = resStrLen(string) + 1;
ah = defineArray(array, kStringArray, 0, 0, 0, len); ah = defineArray(array, kStringArray, 0, 0, 0, len);
memcpy(ah->data, string, len); memcpy(ah->data, string, len);
@ -1590,7 +1613,7 @@ void ScummEngine_v72he::o72_dim2dimArray() {
void ScummEngine_v72he::o72_traceStatus() { void ScummEngine_v72he::o72_traceStatus() {
byte string[80]; byte string[80];
copyScriptString(string); copyScriptString(string, sizeof(string));
pop(); pop();
} }
@ -1624,7 +1647,7 @@ void ScummEngine_v72he::o72_drawWizImage() {
void ScummEngine_v72he::o72_unknownCF() { void ScummEngine_v72he::o72_unknownCF() {
byte string[255]; byte string[255];
copyScriptString(string); copyScriptString(string, sizeof(string));
int len = resStrLen(string) + 1; int len = resStrLen(string) + 1;
writeVar(0, 0); writeVar(0, 0);
@ -1651,7 +1674,7 @@ void ScummEngine_v72he::o72_openFile() {
byte filename[256]; byte filename[256];
mode = pop(); mode = pop();
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
debug(0,"Original filename %s", filename); debug(0,"Original filename %s", filename);
@ -1823,15 +1846,15 @@ void ScummEngine_v72he::o72_findAllObjects() {
void ScummEngine_v72he::o72_deleteFile() { void ScummEngine_v72he::o72_deleteFile() {
byte filename[100]; byte filename[100];
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
debug(1, "stub o72_deleteFile(%s)", filename); debug(1, "stub o72_deleteFile(%s)", filename);
} }
void ScummEngine_v72he::o72_rename() { void ScummEngine_v72he::o72_rename() {
byte oldFilename[256],newFilename[256]; byte oldFilename[256],newFilename[256];
copyScriptString(newFilename); copyScriptString(newFilename, sizeof(newFilename));
copyScriptString(oldFilename); copyScriptString(oldFilename, sizeof(oldFilename));
debug(1, "stub o72_rename(%s to %s)", oldFilename, newFilename); debug(1, "stub o72_rename(%s to %s)", oldFilename, newFilename);
} }
@ -2074,7 +2097,7 @@ void ScummEngine_v72he::o72_readINI() {
int len, type; int len, type;
// we pretend that we don't have .ini file // we pretend that we don't have .ini file
copyScriptString(option); copyScriptString(option, sizeof(option));
type = fetchScriptByte(); type = fetchScriptByte();
switch (type) { switch (type) {
@ -2111,13 +2134,13 @@ void ScummEngine_v72he::o72_writeINI() {
case 43: // HE 100 case 43: // HE 100
case 6: // number case 6: // number
value = pop(); value = pop();
copyScriptString(option); copyScriptString(option, sizeof(option));
ConfMan.set((char *)option, value); ConfMan.set((char *)option, value);
break; break;
case 77: // HE 100 case 77: // HE 100
case 7: // string case 7: // string
copyScriptString(string); copyScriptString(string, sizeof(string));
copyScriptString(option); copyScriptString(option, sizeof(option));
ConfMan.set((char *)option, (char *)string); ConfMan.set((char *)option, (char *)string);
break; break;
default: default:
@ -2169,13 +2192,13 @@ void ScummEngine_v72he::o72_getResourceSize() {
void ScummEngine_v72he::o72_setFilePath() { void ScummEngine_v72he::o72_setFilePath() {
// File related // File related
byte filename[100]; byte filename[100];
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
debug(1,"o72_setFilePath: %s", filename); debug(1,"o72_setFilePath: %s", filename);
} }
void ScummEngine_v72he::o72_setWindowCaption() { void ScummEngine_v72he::o72_setWindowCaption() {
byte name[100]; byte name[100];
copyScriptString(name); copyScriptString(name, sizeof(name));
int id = fetchScriptByte(); int id = fetchScriptByte();
debug(1,"o72_setWindowCaption: (%d) %s", id, name); debug(1,"o72_setWindowCaption: (%d) %s", id, name);
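Review bot: The new `dstSize` check in copyScriptString() does not keep writes inside either buffer. In the `array == -1` branch the test `pos > dstSize` runs after the store and the increment, so `pos` may reach `dstSize`; the reversed copy then writes `dstSize` bytes plus the terminator into `dst`, and the scratch `byte string[256]` is indexed by a value bounded only by `dstSize`, which overruns it for any caller whose buffer is 256 bytes or larger. The `else` branch that reads from a script array never consults `dstSize`, so array contents supplied by game data can still run past the destination. Checking before each store, against both capacities, closes this; the function's tail (`*dst = 0;` onward) lies outside the hunk. o72_addMessageToStack() has the same store-then-check order on `_stringBuffer`, and its terminator store and final increment are unchecked, so once `_stringLength` reaches 4096 the next byte is written out of bounds.

```cpp
void ScummEngine_v72he::copyScriptString(byte *dst, int dstSize) {
	// … unchanged: locals, pop() of the array id …
	if (array == -1) {
		// … unchanged: underflow check, _stringLength -= 2 …
		while ((chr = _stringBuffer[_stringLength]) != 0) {
			// Leave room for the terminator in both the scratch buffer and dst.
			if (pos >= (int)sizeof(string) - 1 || pos >= dstSize - 1)
				error("String too long to pop");
			string[pos++] = chr;
			_stringLength--;
		}
		// … unchanged: terminate string, restore _stringLength, reversed copy into dst …
	} else {
		writeVar(0, array);
		while ((chr = readArray(0, 0, pos)) != 0) {
			// The array branch must honour the destination size as well.
			if (pos >= dstSize - 1)
				error("String too long to pop");
			*dst++ = chr;
			pos++;
		}
	}
```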


@ -402,7 +402,7 @@ void ScummEngine_v80he::o80_loadSBNG() {
void ScummEngine_v80he::o80_getFileSize() { void ScummEngine_v80he::o80_getFileSize() {
byte filename[256]; byte filename[256];
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
File f; File f;
if (f.open((char *)filename) == false) { if (f.open((char *)filename) == false) {
@ -453,9 +453,9 @@ void ScummEngine_v80he::o80_readConfigFile() {
int type; int type;
// we pretend that we don't have .ini file // we pretend that we don't have .ini file
copyScriptString(section); copyScriptString(section, sizeof(section));
copyScriptString(name); copyScriptString(name, sizeof(name));
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
type = fetchScriptByte(); type = fetchScriptByte();
switch (type) { switch (type) {
@ -487,17 +487,17 @@ void ScummEngine_v80he::o80_writeConfigFile() {
case 43: // HE 100 case 43: // HE 100
case 6: // number case 6: // number
value = pop(); value = pop();
copyScriptString(section); copyScriptString(section, sizeof(section));
copyScriptString(name); copyScriptString(name, sizeof(name));
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
debug(1,"o80_writeConfigFile: Filename %s Section %s Name %s Value %d", filename, section, name, value); debug(1,"o80_writeConfigFile: Filename %s Section %s Name %s Value %d", filename, section, name, value);
break; break;
case 77: // HE 100 case 77: // HE 100
case 7: // string case 7: // string
copyScriptString(string); copyScriptString(string, sizeof(string));
copyScriptString(section); copyScriptString(section, sizeof(section));
copyScriptString(name); copyScriptString(name, sizeof(name));
copyScriptString(filename); copyScriptString(filename, sizeof(filename));
debug(1,"o80_writeConfigFile: Filename %s Section %s Name %s String %s", filename, section, name, string); debug(1,"o80_writeConfigFile: Filename %s Section %s Name %s String %s", filename, section, name, string);
break; break;
default: default:


@ -541,12 +541,12 @@ void ScummEngine_v90he::o90_wizImageOps() {
case 3: case 3:
_wizParams.processFlags |= kWPFUseFile; _wizParams.processFlags |= kWPFUseFile;
_wizParams.processMode = 3; _wizParams.processMode = 3;
copyScriptString(_wizParams.filename); copyScriptString(_wizParams.filename, sizeof(_wizParams.filename));
break; break;
case 4: case 4:
_wizParams.processFlags |= kWPFUseFile; _wizParams.processFlags |= kWPFUseFile;
_wizParams.processMode = 4; _wizParams.processMode = 4;
copyScriptString(_wizParams.filename); copyScriptString(_wizParams.filename, sizeof(_wizParams.filename));
_wizParams.fileWriteMode = pop(); _wizParams.fileWriteMode = pop();
break; break;
case 5: case 5:
@ -2285,7 +2285,7 @@ void ScummEngine_v90he::o90_unknownA5() {
case 42: case 42:
a = pop(); a = pop();
if (a == 2) { if (a == 2) {
copyScriptString(string); copyScriptString(string, sizeof(string));
push(-1); push(-1);
} else if (a == 1) { } else if (a == 1) {
pop(); pop();


@ -874,8 +874,6 @@ ScummEngine::ScummEngine(GameDetector *detector, OSystem *syst, const ScummGameS
memset(_charsetData, 0, sizeof(_charsetData)); memset(_charsetData, 0, sizeof(_charsetData));
_charsetBufPos = 0; _charsetBufPos = 0;
memset(_charsetBuffer, 0, sizeof(_charsetBuffer)); memset(_charsetBuffer, 0, sizeof(_charsetBuffer));
_stringLength = 0;
memset(_stringBuffer, 0, sizeof(_stringBuffer));
_copyProtection = false; _copyProtection = false;
_demoMode = false; _demoMode = false;
_confirmExit = false; _confirmExit = false;
@ -1646,8 +1644,16 @@ void ScummEngine_v60he::scummInit() {
setCursorHotspot(16, 16); setCursorHotspot(16, 16);
} }
void ScummEngine_v72he::scummInit() {
ScummEngine_v60he::scummInit();
_stringLength = 1;
_stringStart = 1;
memset(_stringBuffer, 0, sizeof(_stringBuffer));
}
void ScummEngine_v90he::scummInit() { void ScummEngine_v90he::scummInit() {
ScummEngine_v80he::scummInit(); ScummEngine_v72he::scummInit();
_heObject = 0; _heObject = 0;
_heObjectNum = 0; _heObjectNum = 0;
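Review bot: ScummEngine_v72he::scummInit() chains to `ScummEngine_v60he::scummInit()` although the class declaration in this commit derives from ScummEngine_v70he. Naming the immediate base, `ScummEngine_v70he::scummInit();`, resolves to the same function as long as v70he has no override of its own, and it will not silently skip one if it is added later. Separately, the ScummEngine constructor no longer zeroes `_stringLength` and `_stringBuffer`, and the v72he constructor body shown in the header hunk is empty, so these members are indeterminate until scummInit() runs. If nothing can reach copyScriptString() or o72_addMessageToStack() before that point, a comment saying so is enough; otherwise they should also be initialised in the v72he constructor.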


@ -1168,9 +1168,6 @@ protected:
int _charsetBufPos; int _charsetBufPos;
byte _charsetBuffer[512]; byte _charsetBuffer[512];
int _stringLength;
byte _stringBuffer[4096];
bool _keepText; bool _keepText;
void initCharset(int charset); void initCharset(int charset);