From 0c2ab7182966b1897413e145fe80b95fca454edc Mon Sep 17 00:00:00 2001
From: Martin Kiewitz
Date: Fri, 30 Oct 2009 10:06:35 +0000
Subject: SCI: kStrAt / dont do call, when offset exceeds maxSize. fixes crash in kq5

svn-id: r45530
---
 engines/sci/engine/kstring.cpp | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'engines/sci')

diff --git a/engines/sci/engine/kstring.cpp b/engines/sci/engine/kstring.cpp
index 8e4f72631b..db218f5097 100644
--- a/engines/sci/engine/kstring.cpp
+++ b/engines/sci/engine/kstring.cpp
@@ -309,8 +309,11 @@ reg_t kStrAt(EngineState *s, int argc, reg_t *argv) {
 newvalue = argv[2].toSint16();

 if (dest_r.isRaw) {
- // FIXME: in kq5 this here gets called with offset = 0xFFFF, we should implement maxSize check in here
- // i dont know the exact behaviour, so i dont know how to do this correctly
+ // in kq5 this here gets called with offset 0xFFFF
+ if ((int)offset > dest_r.maxSize) {
+ warning("kStrAt offset %X exceeds maxSize", offset);
+ return s->r_acc;
+ }
 value = dest_r.raw[offset];
 if (argc > 2) /* Request to modify this char */
 dest_r.raw[offset] = newvalue;
--
cgit v1.2.3
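Review bot: The new guard `if ((int)offset > dest_r.maxSize)` still admits `offset == dest_r.maxSize`, which indexes one element past the end of `dest_r.raw` on the `value = dest_r.raw[offset];` line and, when argc > 2, on the write `dest_r.raw[offset] = newvalue;` just below it; if maxSize is the length of the raw buffer (as its name and the commit message suggest), the comparison should be `if ((int)offset >= dest_r.maxSize) {`. The same early return silently skips the write as well as the read, so the comment above it should say so rather than only restate the symptom, e.g. `// kq5 passes offset 0xFFFF here; an out-of-range offset is ignored (no read, no write) instead of touching memory past the buffer`. The `%X` in the warning presumes offset is an unsigned int-sized value, which this hunk does not show. kStrAt starts before this hunk and its remaining branches continue after it.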