From 217996b1348a90af1f642cbf39ef6fdea86bed50 Mon Sep 17 00:00:00 2001 From: Misa Date: Fri, 29 Mar 2024 20:16:57 -0700 Subject: [PATCH] Fix UB from out-of-range If there was a scaling mode value (serialized in the XML as for legacy reasons) that was not 0 or 1 or 2, then the rectangle with the stretch information would not be initialized by get_stretch_info, which would lead to a crash, either from dividing by zero (most likely) or from reading an uninitialized value. To fix this, when reading , normalize it to a sane default if the value is otherwise bogus. And for good measure, an assertion is added in get_stretch_info() if the value is still somehow bogus. Fixes #1155. --- desktop_version/src/Game.cpp | 8 +++++++- desktop_version/src/Graphics.cpp | 7 +++++++ 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/desktop_version/src/Game.cpp b/desktop_version/src/Game.cpp
index 035070cf..1d7bad14 100644
--- a/desktop_version/src/Game.cpp
+++ b/desktop_version/src/Game.cpp
@@ -4728,7 +4728,13 @@ void Game::deserializesettings(tinyxml2::XMLElement* dataNode, struct ScreenSett
 if (SDL_strcmp(pKey, "stretch") == 0)
 {
- screen_settings->scalingMode = help.Int(pText);
+ int mode = help.Int(pText);
+ if (mode < 0 || mode >= NUM_SCALING_MODES)
+ {
+ /* Pick a sane default. */
+ mode = SCALING_INTEGER;
+ }
+ screen_settings->scalingMode = mode;
 }
 if (SDL_strcmp(pKey, "useLinearFilter") == 0)
diff --git a/desktop_version/src/Graphics.cpp b/desktop_version/src/Graphics.cpp
index ed5c93f1..7d7489e5 100644
--- a/desktop_version/src/Graphics.cpp
+++ b/desktop_version/src/Graphics.cpp
@@ -3517,6 +3517,13 @@ void Graphics::get_stretch_info(SDL_Rect* rect)
 rect->w = width;
 rect->h = height;
 break;
+ default:
+ SDL_assert(0 && "Invalid scaling mode!");
+ /* Width and height should be nonzero to avoid division by zero. */
+ rect->x = 0;
+ rect->y = 0;
+ rect->w = width;
+ rect->h = height;
 }
 }
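Review bot: The fallback in the `stretch` branch replaces an out-of-range value silently, so a corrupted or hand-edited settings file leaves no trace of what was rejected. A warning through the project's logger that records the rejected value would make this diagnosable, and the comment could state the reason, e.g. `/* Out-of-range value from the settings file: fall back to integer scaling. */`. The check `mode >= NUM_SCALING_MODES` presumably relies on the scaling-mode constants being contiguous from 0 with `NUM_SCALING_MODES` last; that definition is outside the hunk and deserves a comment where it lives. `deserializesettings` starts and ends outside the hunk.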
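Review bot: The `default:` branch added to the switch in `get_stretch_info` says width and height should be nonzero, but nothing visible in the hunk enforces that; `width` and `height` are set earlier in the function, outside the hunk. If they can be zero (for instance when a size query fails, which is not visible here), the division by zero the commit message describes is still reachable, and a clamp such as `rect->w = SDL_max(width, 1);` (same for `h`) would make the guarantee real. `SDL_assert` can be compiled out depending on the build's assertion level, so in such builds this fallback is the only protection. The branch also omits the `break;` that the other cases use.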