diff options
| author | Colin Snover | 2016-09-15 09:03:29 -0500 |
|---|---|---|
| committer | Colin Snover | 2016-09-29 19:39:16 -0500 |
| commit | b3cfe699f6b3cd9590a4f3b1e5ec2ef656b86dbb (patch) | |
| tree | 3f622f034248ec0f4e28078b9e675823661478aa | |
| parent | c8516ff9ebc7480c2303b4ab2c151b46444e1911 (diff) | |
| download | scummvm-rg350-b3cfe699f6b3cd9590a4f3b1e5ec2ef656b86dbb.tar.gz scummvm-rg350-b3cfe699f6b3cd9590a4f3b1e5ec2ef656b86dbb.tar.bz2 scummvm-rg350-b3cfe699f6b3cd9590a4f3b1e5ec2ef656b86dbb.zip | |
SCI32: Fix read overflow when there are no save games
SCI system scripts will always try to read once from the game IDs
array even if the number of games is zero.
| -rw-r--r-- | engines/sci/engine/kfile.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/engines/sci/engine/kfile.cpp b/engines/sci/engine/kfile.cpp index cfb829bab2..b6fbd45562 100644 --- a/engines/sci/engine/kfile.cpp +++ b/engines/sci/engine/kfile.cpp @@ -1250,7 +1250,7 @@ reg_t kGetSaveFiles32(EngineState *s, int argc, reg_t *argv) { // Normally SSCI limits to 20 games per directory, but ScummVM allows more // than that descriptions.resize(SCI_MAX_SAVENAME_LENGTH * saves.size() + 1, true); - saveIds.resize(saves.size(), true); + saveIds.resize(saves.size() + 1, true); for (uint i = 0; i < saves.size(); ++i) { const SavegameDesc &save = saves[i]; @@ -1260,6 +1260,7 @@ reg_t kGetSaveFiles32(EngineState *s, int argc, reg_t *argv) { } descriptions.charAt(SCI_MAX_SAVENAME_LENGTH * saves.size()) = '\0'; + saveIds.int16At(saves.size()) = 0; return make_reg(0, saves.size()); } |