diff options
| author | Strangerke | 2014-03-15 11:42:57 +0100 |
|---|---|---|
| committer | Strangerke | 2014-03-15 11:42:57 +0100 |
| commit | 0e48803b42ec570a4a7aa01222c44333543c990b (patch) | |
| tree | 7badd8c3168a3c749a3f98a5b62d9f180e795549 | |
| parent | 8f41fc10b2c458e13631d8eeed0ee3de8879a8fa (diff) | |
| download | scummvm-rg350-0e48803b42ec570a4a7aa01222c44333543c990b.tar.gz scummvm-rg350-0e48803b42ec570a4a7aa01222c44333543c990b.tar.bz2 scummvm-rg350-0e48803b42ec570a4a7aa01222c44333543c990b.zip | |
TUCKER: Add a safeguard in updateCharPosition() to avoid a potential out-of-bounds read, change the type of a variable to boolean
| -rw-r--r-- | engines/tucker/tucker.cpp | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/engines/tucker/tucker.cpp b/engines/tucker/tucker.cpp index 1d38d0f806..68ffe5e5e5 100644 --- a/engines/tucker/tucker.cpp +++ b/engines/tucker/tucker.cpp @@ -855,35 +855,37 @@ void TuckerEngine::updateCharPosition() { } int actionKey = _currentActionObj2Num * 1000000 + _currentInfoString2SourceType * 100000 + _currentActionVerb * 10000 + _currentInfoString1SourceType * 1000 + _currentActionObj1Num; debug(3, "updateCharPosition() actionKey %d", actionKey); - int skip = 0; - Action *action = 0; - for (int i = 0; i < _actionsCount && skip == 0; ++i) { + bool skip = false; + Action *action = nullptr; + for (int i = 0; i < _actionsCount && !skip; ++i) { action = &_actionsTable[i]; if (action->_key == actionKey) { - skip = 1; + skip = true; if (action->_testFlag1Num != 0) { if (action->_testFlag1Num < 500) { + if (action->_testFlag1Num >= 300) + error("updateCharPosition() - Unexpected value for _testFlag1Num : %d", action->_testFlag1Num); if (_flagsTable[action->_testFlag1Num] != action->_testFlag1Value) { - skip = 0; + skip = false; } } else if (_inventoryItemsState[action->_testFlag1Num - 500] != action->_testFlag1Value) { - skip = 0; + skip = false; } debug(3, "updateCharPosition() flag1 %d value %d", action->_testFlag1Num, action->_testFlag1Value); } if (action->_testFlag2Num != 0) { if (action->_testFlag2Num < 500) { if (_flagsTable[action->_testFlag2Num] != action->_testFlag2Value) { - skip = 0; + skip = false; } } else if (_inventoryItemsState[action->_testFlag2Num - 500] != action->_testFlag2Value) { - skip = 0; + skip = false; } debug(3, "updateCharPosition() flag2 %d value %d", action->_testFlag2Num, action->_testFlag2Value); } } } - if (skip == 0) { + if (!skip) { playSpeechForAction(_currentActionVerb); _currentActionVerb = 0; return; |