mpo/VVVVVV
1
0
Fork 0
mirror of https://github.com/TerryCavanagh/VVVVVV.git synced 2024-06-28 07:28:30 +02:00
Code Issues Releases Wiki Activity

Guard all cases obj.getteleporter() is used unchecked

Browse Source 
obj.getteleporter() is able to return -1. If there's no check on it, it
will end up indexing out-of-bounds, which is Undefined Behavior.
This commit is contained in:
Misa 2020-06-12 19:31:08 -07:00 committed by Ethan Lee
parent 3b76713441
commit 08e47e839f
3 changed files with 57 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
desktop_version/src/Game.cpp
View File

@ -2157,6 +2157,7 @@ void Game::updatestate()
music.playef(10); music.playef(10);
break; break;
case 2502: case 2502:
{
//Activating a teleporter 2 //Activating a teleporter 2
state++; state++;
statedelay = 5; statedelay = 5;
@ -2165,17 +2166,25 @@ void Game::updatestate()
obj.entities[i].colour = 0; obj.entities[i].colour = 0;
obj.entities[i].invis = false; obj.entities[i].invis = false;
obj.entities[i].xp = obj.entities[obj.getteleporter()].xp+44; int j = obj.getteleporter();
obj.entities[i].yp = obj.entities[obj.getteleporter()].yp+44; if (j > -1)
{
obj.entities[i].xp = obj.entities[j].xp+44;
obj.entities[i].yp = obj.entities[j].yp+44;
}
obj.entities[i].ay = -6; obj.entities[i].ay = -6;
obj.entities[i].ax = 6; obj.entities[i].ax = 6;
obj.entities[i].vy = -6; obj.entities[i].vy = -6;
obj.entities[i].vx = 6; obj.entities[i].vx = 6;
i = obj.getteleporter(); i = obj.getteleporter();
obj.entities[i].tile = 1; if (i > -1)
obj.entities[i].colour = 101; {
obj.entities[i].tile = 1;
obj.entities[i].colour = 101;
}
break; break;
}
case 2503: case 2503:
state++; state++;
i = obj.getplayer(); i = obj.getplayer();
@ -2316,8 +2325,11 @@ void Game::updatestate()
} }
i = obj.getteleporter(); i = obj.getteleporter();
obj.entities[i].tile = 1; if (i > -1)
obj.entities[i].colour = 100; {
obj.entities[i].tile = 1;
obj.entities[i].colour = 100;
}
break; break;
case 3006: case 3006:
@ -3517,8 +3529,11 @@ void Game::updatestate()
} }
i = obj.getteleporter(); i = obj.getteleporter();
activetele = true; activetele = true;
teleblock.x = obj.entities[i].xp - 32; if (i > -1)
teleblock.y = obj.entities[i].yp - 32; {
teleblock.x = obj.entities[i].xp - 32;
teleblock.y = obj.entities[i].yp - 32;
}
teleblock.w = 160; teleblock.w = 160;
teleblock.h = 160; teleblock.h = 160;
hascontrol = true; hascontrol = true;

21
desktop_version/src/Input.cpp
View File

@ -1608,8 +1608,11 @@ void gameinput()
obj.entities[player].colour = 102; obj.entities[player].colour = 102;
int teleporter = obj.getteleporter(); int teleporter = obj.getteleporter();
obj.entities[teleporter].tile = 6; if (teleporter > -1)
obj.entities[teleporter].colour = 102; {
obj.entities[teleporter].tile = 6;
obj.entities[teleporter].colour = 102;
}
//which teleporter script do we use? it depends on the companion! //which teleporter script do we use? it depends on the companion!
game.state = 4000; game.state = 4000;
game.statedelay = 0; game.statedelay = 0;
@ -1641,8 +1644,11 @@ void gameinput()
if(companion>-1) obj.entities[companion].colour = 102; if(companion>-1) obj.entities[companion].colour = 102;
int teleporter = obj.getteleporter(); int teleporter = obj.getteleporter();
obj.entities[teleporter].tile = 6; if (teleporter > -1)
obj.entities[teleporter].colour = 102; {
obj.entities[teleporter].tile = 6;
obj.entities[teleporter].colour = 102;
}
//which teleporter script do we use? it depends on the companion! //which teleporter script do we use? it depends on the companion!
game.state = 3000; game.state = 3000;
game.statedelay = 0; game.statedelay = 0;
@ -2113,8 +2119,11 @@ void teleporterinput()
obj.entities[i].colour = 102; obj.entities[i].colour = 102;
i = obj.getteleporter(); i = obj.getteleporter();
obj.entities[i].tile = 6; if (i > -1)
obj.entities[i].colour = 102; {
obj.entities[i].tile = 6;
obj.entities[i].colour = 102;
}
//which teleporter script do we use? it depends on the companion! //which teleporter script do we use? it depends on the companion!
game.state = 4000; game.state = 4000;
game.statedelay = 0; game.statedelay = 0;

26
desktop_version/src/Script.cpp
View File

@ -1097,8 +1097,11 @@ void scriptclass::run()
else if (words[0] == "activateteleporter") else if (words[0] == "activateteleporter")
{ {
i = obj.getteleporter(); i = obj.getteleporter();
obj.entities[i].tile = 6; if (i > -1)
obj.entities[i].colour = 102; {
obj.entities[i].tile = 6;
obj.entities[i].colour = 102;
}
} }
else if (words[0] == "changecolour") else if (words[0] == "changecolour")
{ {
@ -1835,7 +1838,10 @@ void scriptclass::run()
else if (words[0] == "activeteleporter") else if (words[0] == "activeteleporter")
{ {
i = obj.getteleporter(); i = obj.getteleporter();
obj.entities[i].colour = 101; if (i > -1)
{
obj.entities[i].colour = 101;
}
} }
else if (words[0] == "foundtrinket") else if (words[0] == "foundtrinket")
{ {
@ -3290,12 +3296,18 @@ void scriptclass::teleport()
game.gravitycontrol = 0; game.gravitycontrol = 0;
map.gotoroom(100+game.teleport_to_x, 100+game.teleport_to_y); map.gotoroom(100+game.teleport_to_x, 100+game.teleport_to_y);
j = obj.getteleporter(); j = obj.getteleporter();
obj.entities[j].state = 2; if (j > -1)
{
obj.entities[j].state = 2;
}
game.teleport_to_new_area = false; game.teleport_to_new_area = false;
game.savepoint = obj.entities[j].para; if (j > -1)
game.savex = obj.entities[j].xp + 44; {
game.savey = obj.entities[j].yp + 44; game.savepoint = obj.entities[j].para;
game.savex = obj.entities[j].xp + 44;
game.savey = obj.entities[j].yp + 44;
}
game.savegc = 0; game.savegc = 0;
game.saverx = game.roomx; game.saverx = game.roomx;