diff options
| author | Colin Snover | 2017-05-13 23:42:53 -0500 |
|---|---|---|
| committer | Colin Snover | 2017-05-13 23:45:59 -0500 |
| commit | dec12f5b6dca67e5d6f47579bfee5ef2d1ab7ed3 (patch) | |
| tree | b11c9e088b31447486fced460a8ec63a21b7477e /engines/sci | |
| parent | 444b11b1bb7cc01cc26cdd61247eda536c2cb7d5 (diff) | |
| download | scummvm-rg350-dec12f5b6dca67e5d6f47579bfee5ef2d1ab7ed3.tar.gz scummvm-rg350-dec12f5b6dca67e5d6f47579bfee5ef2d1ab7ed3.tar.bz2 scummvm-rg350-dec12f5b6dca67e5d6f47579bfee5ef2d1ab7ed3.zip | |
SCI: Guard against potential stack overflow in vocab word parser
Diffstat (limited to 'engines/sci')
| -rw-r--r-- | engines/sci/parser/vocabulary.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/engines/sci/parser/vocabulary.cpp b/engines/sci/parser/vocabulary.cpp index 3989f20209..2642b6bd6e 100644 --- a/engines/sci/parser/vocabulary.cpp +++ b/engines/sci/parser/vocabulary.cpp @@ -142,7 +142,7 @@ bool Vocabulary::loadParserWords() { if (resourceType == kVocabularySCI1) { c = 1; - while (seeker < resource->size() && currentWordPos < 255 && c) { + while (seeker < resource->size() && currentWordPos < ARRAYSIZE(currentWord) - 1 && c) { c = resource->getUint8At(seeker++); currentWord[currentWordPos++] = c; } @@ -158,6 +158,7 @@ bool Vocabulary::loadParserWords() { return false; } c = resource->getUint8At(seeker++); + assert(currentWordPos < ARRAYSIZE(currentWord) - 1); currentWord[currentWordPos++] = c & 0x7f; // 0x80 is used to terminate the string } while (c < 0x80); } |