diff options
| author | Paul Gilbert | 2015-05-08 20:41:12 -0400 |
|---|---|---|
| committer | Paul Gilbert | 2015-05-08 20:41:12 -0400 |
| commit | 263f33a9f83f9d1d00a100b7532dd28e59ee3a6b (patch) | |
| tree | bb0fa4352bc9cd7c0053ffe7c2cf740174f38fa5 | |
| parent | bf0882badc0f29aa8df687fb6f2d0fddded209ab (diff) | |
| download | scummvm-rg350-263f33a9f83f9d1d00a100b7532dd28e59ee3a6b.tar.gz scummvm-rg350-263f33a9f83f9d1d00a100b7532dd28e59ee3a6b.tar.bz2 scummvm-rg350-263f33a9f83f9d1d00a100b7532dd28e59ee3a6b.zip | |
SHERLOCK: Fix some reads beyond script end in doScript
| -rw-r--r-- | engines/sherlock/talk.cpp | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/engines/sherlock/talk.cpp b/engines/sherlock/talk.cpp index 6d56149c6c..bbc61a3c13 100644 --- a/engines/sherlock/talk.cpp +++ b/engines/sherlock/talk.cpp @@ -1010,6 +1010,7 @@ void Talk::doScript(const Common::String &script) { _savedSequences.clear(); const byte *scriptStart = (const byte *)script.c_str(); + const byte *scriptEnd = scriptStart + script.size(); const byte *str = scriptStart; if (_scriptMoreFlag) { @@ -1577,13 +1578,13 @@ void Talk::doScript(const Common::String &script) { ++line; // Certain different conditions require a wait - if ((line == 4 && str[0] != SFX_COMMAND && str[0] != PAUSE && _speaker != -1) || - (line == 5 && str[0] != PAUSE && _speaker == -1) || + if ((line == 4 && str < scriptEnd && str[0] != SFX_COMMAND && str[0] != PAUSE && _speaker != -1) || + (line == 5 && str < scriptEnd && str[0] != PAUSE && _speaker == -1) || endStr) { wait = 1; } - switch (str[0]) { + switch (str >= scriptEnd ? 0 : str[0]) { case SWITCH_SPEAKER: case ASSIGN_PORTRAIT_LOCATION: case BANISH_WINDOW: @@ -1631,7 +1632,7 @@ void Talk::doScript(const Common::String &script) { } // Clear the window unless the wait was due to a PAUSE command - if (!pauseFlag && wait != -1 && str[0] != SFX_COMMAND) { + if (!pauseFlag && wait != -1 && str < scriptEnd && str[0] != SFX_COMMAND) { if (!_talkStealth) ui.clearWindow(); yp = CONTROLS_Y + 12; |