From c3d8f5610f6e5e4259e93b4f59fa7a8c73b7d652 Mon Sep 17 00:00:00 2001 From: md5 Date: Wed, 2 Mar 2011 08:25:35 +0200 Subject: SCI: Fixed script bug #3059871 - "SCI Fanmade - Ocean Battle: Crash while playing" --- engines/sci/engine/script.cpp | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'engines/sci/engine/script.cpp') diff --git a/engines/sci/engine/script.cpp b/engines/sci/engine/script.cpp index 6719b73aa5..3c81a93767 100644 --- a/engines/sci/engine/script.cpp +++ b/engines/sci/engine/script.cpp @@ -129,6 +129,17 @@ void Script::load(ResourceManager *resMan) { Resource *script = resMan->findResource(ResourceId(kResourceTypeScript, _nr), 0); assert(script != 0); + uint extraLocalsWorkaround = 0; + if (g_sci->getGameId() == GID_FANMADE && _nr == 1 && script->size == 11140) { + // WORKAROUND: Script 1 in Ocean Battle doesn't have enough locals to + // fit the string showing how many shots are left (a nasty script bug, + // corrupting heap memory). We add 10 more locals so that it has enough + // space to use as the target for its kFormat operation. Fixes bug + // #3059871. + extraLocalsWorkaround = 10; + } + _bufSize += extraLocalsWorkaround * 2; + _buf = (byte *)malloc(_bufSize); assert(_buf); @@ -187,6 +198,9 @@ void Script::load(ResourceManager *resMan) { _localsOffset = 24 + _numExports * 2; } + // WORKAROUND: Increase locals, if needed (check above) + _localsCount += extraLocalsWorkaround; + if (getSciVersion() == SCI_VERSION_0_EARLY) { // SCI0 early // Old script block. There won't be a localvar block in this case. @@ -202,7 +216,7 @@ void Script::load(ResourceManager *resMan) { if (_localsOffset + _localsCount * 2 + 1 >= (int)_bufSize) { error("Locals extend beyond end of script: offset %04x, count %d vs size %d", _localsOffset, _localsCount, _bufSize); - _localsCount = (_bufSize - _localsOffset) >> 1; + //_localsCount = (_bufSize - _localsOffset) >> 1; } } } -- cgit v1.2.3 From ca1f9a075f7914ae3ceb83b9a01b5b7a193041e9 Mon Sep 17 00:00:00 2001 From: md5 Date: Mon, 14 Mar 2011 20:00:26 +0200 Subject: SCI: Got rid of VERIFY() and removed some newlines in error messages --- engines/sci/engine/script.cpp | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'engines/sci/engine/script.cpp') diff --git a/engines/sci/engine/script.cpp b/engines/sci/engine/script.cpp index 3c81a93767..fb96518f19 100644 --- a/engines/sci/engine/script.cpp +++ b/engines/sci/engine/script.cpp @@ -70,7 +70,7 @@ void Script::init(int script_nr, ResourceManager *resMan) { Resource *script = resMan->findResource(ResourceId(kResourceTypeScript, script_nr), 0); if (!script) - error("Script %d not found\n", script_nr); + error("Script %d not found", script_nr); _localsOffset = 0; _localsBlock = NULL; @@ -257,9 +257,8 @@ Object *Script::scriptObjInit(reg_t obj_pos, bool fullObjectInit) { if (getSciVersion() < SCI_VERSION_1_1 && fullObjectInit) obj_pos.offset += 8; // magic offset (SCRIPT_OBJECT_MAGIC_OFFSET) - VERIFY(obj_pos.offset < _bufSize, "Attempt to initialize object beyond end of script\n"); - - VERIFY(obj_pos.offset + kOffsetFunctionArea < (int)_bufSize, "Function area pointer stored beyond end of script\n"); + if (obj_pos.offset >= _bufSize) + error("Attempt to initialize object beyond end of script"); // Get the object at the specified position and init it. This will // automatically "allocate" space for it in the _objects map if necessary. @@ -327,8 +326,9 @@ void Script::relocateSci0Sci21(reg_t block) { heapOffset = _scriptSize; } - VERIFY(block.offset < (uint16)heapSize && READ_SCI11ENDIAN_UINT16(heap + block.offset) * 2 + block.offset < (uint16)heapSize, - "Relocation block outside of script\n"); + if (block.offset >= (uint16)heapSize || + READ_SCI11ENDIAN_UINT16(heap + block.offset) * 2 + block.offset >= (uint16)heapSize) + error("Relocation block outside of script"); int count = READ_SCI11ENDIAN_UINT16(heap + block.offset); int exportIndex = 0; @@ -418,7 +418,8 @@ uint16 Script::validateExportFunc(int pubfunct, bool relocate) { offset = relocateOffsetSci3(pubfunct * 2 + 22); } - VERIFY(offset < _bufSize, "invalid export function pointer"); + if (offset >= _bufSize) + error("Invalid export function pointer"); // Check if the offset found points to a second export table (e.g. script 912 // in Camelot and script 306 in KQ4). Such offsets are usually small (i.e. < 10), @@ -432,7 +433,8 @@ uint16 Script::validateExportFunc(int pubfunct, bool relocate) { if (secondExportTable) { secondExportTable += 3; // skip header plus 2 bytes (secondExportTable is a uint16 pointer) offset = READ_SCI11ENDIAN_UINT16(secondExportTable + pubfunct); - VERIFY(offset < _bufSize, "invalid export function pointer"); + if (offset >= _bufSize) + error("Invalid export function pointer"); } } -- cgit v1.2.3 From eb8b1a962b26ffe9af003a2045aade36734240cb Mon Sep 17 00:00:00 2001 From: Willem Jan Palenstijn Date: Wed, 20 Apr 2011 23:37:53 +0200 Subject: SCI: Fix precedence (bug #3087872) --- engines/sci/engine/script.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'engines/sci/engine/script.cpp') diff --git a/engines/sci/engine/script.cpp b/engines/sci/engine/script.cpp index fb96518f19..25bf91c3ad 100644 --- a/engines/sci/engine/script.cpp +++ b/engines/sci/engine/script.cpp @@ -611,7 +611,7 @@ void Script::initialiseObjectsSci0(SegManager *segMan, SegmentId segmentId) { // #3150767. // Same happens with script 764, it seems to // contain junk towards its end. - _objects.erase(addr.toUint16() + (getSciVersion() < SCI_VERSION_1_1) ? 8 : 0); + _objects.erase(addr.toUint16() - SCRIPT_OBJECT_MAGIC_OFFSET); } else { error("Failed to locate base object for object at %04X:%04X", PRINT_REG(addr)); } -- cgit v1.2.3