diff options
| author | Joost Peters | 2003-07-16 13:55:18 +0000 |
|---|---|---|
| committer | Joost Peters | 2003-07-16 13:55:18 +0000 |
| commit | 91ee8e1c10faa2052bec5489e940c93818fbcfb8 (patch) | |
| tree | 0fd19bb14451d5388e9c994d20769a0f0045997e | |
| parent | f91fb2980a9c23bd191e1455042a44f7d1b212a0 (diff) | |
| download | scummvm-rg350-91ee8e1c10faa2052bec5489e940c93818fbcfb8.tar.gz scummvm-rg350-91ee8e1c10faa2052bec5489e940c93818fbcfb8.tar.bz2 scummvm-rg350-91ee8e1c10faa2052bec5489e940c93818fbcfb8.zip | |
Quick-Fix for the OOB access in RNC decoder.
Obviously this should be fixed in the decoder itself,
but for some reason I couldn't get it to work in a short period of time.
(before every offending READ_UINT16(), I had a call to function that was like this: "if ((_srcPtr - _startPtr) >= _packLen) { _srcPtr -= 2; }", note that _srcPtr is the current position in the buffer, _startPos is the starting position of the buffer and _packLen is the (supposed?) size.
but I would still get "Invalid Read of 2" with this in Valgrind ..maybe someone knows what I did wrong?)
svn-id: r9050
| -rw-r--r-- | sky/disk.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sky/disk.cpp b/sky/disk.cpp index c6ca874c0e..4988b85fa6 100644 --- a/sky/disk.cpp +++ b/sky/disk.cpp @@ -147,7 +147,7 @@ uint8 *SkyDisk::loadFile(uint16 fileNr, uint8 *dest) { _compDest = dest; if (dest == NULL) //we need to allocate memory for this file - _fileDest = (uint8 *)malloc(_fileSize); + _fileDest = (uint8 *)malloc(_fileSize + 4); _dataDiskHandle->seek(_fileOffset, SEEK_SET); |