Browse Source

ref_soft,ref_gl: fix unaligned read in sprite code

master
mittorn 1 year ago committed by Alibek Omarov
parent
commit
b0bbcab6b4
  1. 29
      ref/gl/gl_sprite.c
  2. 26
      ref/soft/r_sprite.c

29
ref/gl/gl_sprite.c

@ -46,7 +46,7 @@ R_SpriteLoadFrame
upload a single frame upload a single frame
==================== ====================
*/ */
static const dframetype_t *R_SpriteLoadFrame( model_t *mod, const void *pin, mspriteframe_t **ppframe, int num ) static const byte *R_SpriteLoadFrame( model_t *mod, const void *pin, mspriteframe_t **ppframe, int num )
{ {
dspriteframe_t pinframe; dspriteframe_t pinframe;
mspriteframe_t *pspriteframe; mspriteframe_t *pspriteframe;
@ -82,7 +82,7 @@ static const dframetype_t *R_SpriteLoadFrame( model_t *mod, const void *pin, msp
pspriteframe->gl_texturenum = gl_texturenum; pspriteframe->gl_texturenum = gl_texturenum;
*ppframe = pspriteframe; *ppframe = pspriteframe;
return ( const dframetype_t* )(( const byte* )pin + sizeof( dspriteframe_t ) + pinframe.width * pinframe.height * bytes ); return (( const byte* )pin + sizeof( dspriteframe_t ) + pinframe.width * pinframe.height * bytes );
} }
/* /*
@ -92,7 +92,7 @@ R_SpriteLoadGroup
upload a group frames upload a group frames
==================== ====================
*/ */
static const dframetype_t *R_SpriteLoadGroup( model_t *mod, const void *pin, mspriteframe_t **ppframe, int framenum ) static const byte *R_SpriteLoadGroup( model_t *mod, const void *pin, mspriteframe_t **ppframe, int framenum )
{ {
const dspritegroup_t *pingroup; const dspritegroup_t *pingroup;
mspritegroup_t *pspritegroup; mspritegroup_t *pspritegroup;
@ -128,9 +128,10 @@ static const dframetype_t *R_SpriteLoadGroup( model_t *mod, const void *pin, msp
ptemp = R_SpriteLoadFrame( mod, ptemp, &pspritegroup->frames[i], framenum * 10 + i ); ptemp = R_SpriteLoadFrame( mod, ptemp, &pspritegroup->frames[i], framenum * 10 + i );
} }
return (const dframetype_t *)ptemp; return ptemp;
} }
/* /*
==================== ====================
Mod_LoadSpriteModel Mod_LoadSpriteModel
@ -142,7 +143,8 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
{ {
const dsprite_t *pin; const dsprite_t *pin;
const short *numi = NULL; const short *numi = NULL;
const dframetype_t *pframetype; const byte *pframetype;
dframetype_t dframetype;
msprite_t *psprite; msprite_t *psprite;
int i; int i;
@ -152,7 +154,7 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
if( pin->version == SPRITE_VERSION_Q1 || pin->version == SPRITE_VERSION_32 ) if( pin->version == SPRITE_VERSION_Q1 || pin->version == SPRITE_VERSION_32 )
numi = NULL; numi = NULL;
else if( pin->version == SPRITE_VERSION_HL ) else if( pin->version == SPRITE_VERSION_HL )
numi = (const short *)(void *)((const byte*)buffer + sizeof( dsprite_hl_t )); numi = (const short *)((const byte*)buffer + sizeof( dsprite_hl_t ));
r_texFlags = texFlags; r_texFlags = texFlags;
sprite_version = pin->version; sprite_version = pin->version;
@ -164,7 +166,7 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
rgbdata_t *pal; rgbdata_t *pal;
pal = gEngfuncs.FS_LoadImage( "#id.pal", (byte *)&i, 768 ); pal = gEngfuncs.FS_LoadImage( "#id.pal", (byte *)&i, 768 );
pframetype = (const dframetype_t *)(void *)((const byte*)buffer + sizeof( dsprite_q1_t )); // pinq1 + 1 pframetype = ((const byte*)buffer + sizeof( dsprite_q1_t )); // pinq1 + 1
gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data
} }
else if( *numi == 256 ) else if( *numi == 256 )
@ -186,7 +188,7 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
break; break;
} }
pframetype = (const dframetype_t *)(void *)(src + 768); pframetype = (const byte *)(src + 768);
gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data
} }
else else
@ -200,22 +202,25 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
for( i = 0; i < mod->numframes; i++ ) for( i = 0; i < mod->numframes; i++ )
{ {
frametype_t frametype = pframetype->type; frametype_t frametype;
memcpy( &dframetype, pframetype, sizeof( dframetype ));
frametype = dframetype.type;
psprite->frames[i].type = (spriteframetype_t)frametype; psprite->frames[i].type = (spriteframetype_t)frametype;
switch( frametype ) switch( frametype )
{ {
case FRAME_SINGLE: case FRAME_SINGLE:
Q_strncpy( group_suffix, "frame", sizeof( group_suffix )); Q_strncpy( group_suffix, "frame", sizeof( group_suffix ));
pframetype = R_SpriteLoadFrame( mod, pframetype + 1, &psprite->frames[i].frameptr, i ); pframetype = R_SpriteLoadFrame( mod, pframetype + sizeof( dframetype_t ), &psprite->frames[i].frameptr, i );
break; break;
case FRAME_GROUP: case FRAME_GROUP:
Q_strncpy( group_suffix, "group", sizeof( group_suffix )); Q_strncpy( group_suffix, "group", sizeof( group_suffix ));
pframetype = R_SpriteLoadGroup( mod, pframetype + 1, &psprite->frames[i].frameptr, i ); pframetype = R_SpriteLoadGroup( mod, pframetype + sizeof( dframetype_t ), &psprite->frames[i].frameptr, i );
break; break;
case FRAME_ANGLED: case FRAME_ANGLED:
Q_strncpy( group_suffix, "angle", sizeof( group_suffix )); Q_strncpy( group_suffix, "angle", sizeof( group_suffix ));
pframetype = R_SpriteLoadGroup( mod, pframetype + 1, &psprite->frames[i].frameptr, i ); pframetype = R_SpriteLoadGroup( mod, pframetype + sizeof( dframetype_t ), &psprite->frames[i].frameptr, i );
break; break;
} }
if( pframetype == NULL ) break; // technically an error if( pframetype == NULL ) break; // technically an error

26
ref/soft/r_sprite.c

@ -46,7 +46,7 @@ R_SpriteLoadFrame
upload a single frame upload a single frame
==================== ====================
*/ */
static const dframetype_t *R_SpriteLoadFrame( model_t *mod, const void *pin, mspriteframe_t **ppframe, int num ) static const byte *R_SpriteLoadFrame( model_t *mod, const void *pin, mspriteframe_t **ppframe, int num )
{ {
dspriteframe_t pinframe; dspriteframe_t pinframe;
mspriteframe_t *pspriteframe; mspriteframe_t *pspriteframe;
@ -82,7 +82,7 @@ static const dframetype_t *R_SpriteLoadFrame( model_t *mod, const void *pin, msp
pspriteframe->gl_texturenum = gl_texturenum; pspriteframe->gl_texturenum = gl_texturenum;
*ppframe = pspriteframe; *ppframe = pspriteframe;
return ( const dframetype_t* )(( const byte* )pin + sizeof( dspriteframe_t ) + pinframe.width * pinframe.height * bytes ); return ( const byte* )(( const byte* )pin + sizeof( dspriteframe_t ) + pinframe.width * pinframe.height * bytes );
} }
/* /*
@ -92,7 +92,7 @@ R_SpriteLoadGroup
upload a group frames upload a group frames
==================== ====================
*/ */
static const dframetype_t *R_SpriteLoadGroup( model_t *mod, const void *pin, mspriteframe_t **ppframe, int framenum ) static const void *R_SpriteLoadGroup( model_t *mod, const void *pin, mspriteframe_t **ppframe, int framenum )
{ {
const dspritegroup_t *pingroup; const dspritegroup_t *pingroup;
mspritegroup_t *pspritegroup; mspritegroup_t *pspritegroup;
@ -128,7 +128,7 @@ static const dframetype_t *R_SpriteLoadGroup( model_t *mod, const void *pin, msp
ptemp = R_SpriteLoadFrame( mod, ptemp, &pspritegroup->frames[i], framenum * 10 + i ); ptemp = R_SpriteLoadFrame( mod, ptemp, &pspritegroup->frames[i], framenum * 10 + i );
} }
return (const dframetype_t *)ptemp; return ptemp;
} }
/* /*
@ -142,7 +142,8 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
{ {
const dsprite_t *pin; const dsprite_t *pin;
const short *numi = NULL; const short *numi = NULL;
const dframetype_t *pframetype; const byte *pframetype;
dframetype_t dframetype;
msprite_t *psprite; msprite_t *psprite;
int i; int i;
@ -164,7 +165,7 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
rgbdata_t *pal; rgbdata_t *pal;
pal = gEngfuncs.FS_LoadImage( "#id.pal", (byte *)&i, 768 ); pal = gEngfuncs.FS_LoadImage( "#id.pal", (byte *)&i, 768 );
pframetype = (const dframetype_t *)((const byte*)buffer + sizeof( dsprite_q1_t )); // pinq1 + 1 pframetype = ((const byte*)buffer + sizeof( dsprite_q1_t )); // pinq1 + 1
gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data
} }
else if( *numi == 256 ) else if( *numi == 256 )
@ -186,7 +187,7 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
break; break;
} }
pframetype = (const dframetype_t *)(src + 768); pframetype = (const byte *)(src + 768);
gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data gEngfuncs.FS_FreeImage( pal ); // palette installed, no reason to keep this data
} }
else else
@ -200,22 +201,25 @@ void Mod_LoadSpriteModel( model_t *mod, const void *buffer, qboolean *loaded, ui
for( i = 0; i < mod->numframes; i++ ) for( i = 0; i < mod->numframes; i++ )
{ {
frametype_t frametype = pframetype->type; frametype_t frametype;
memcpy( &dframetype, pframetype, sizeof( dframetype ));
frametype = dframetype.type;
psprite->frames[i].type = (spriteframetype_t)frametype; psprite->frames[i].type = (spriteframetype_t)frametype;
switch( frametype ) switch( frametype )
{ {
case FRAME_SINGLE: case FRAME_SINGLE:
Q_strncpy( group_suffix, "frame", sizeof( group_suffix )); Q_strncpy( group_suffix, "frame", sizeof( group_suffix ));
pframetype = R_SpriteLoadFrame( mod, pframetype + 1, &psprite->frames[i].frameptr, i ); pframetype = R_SpriteLoadFrame( mod, pframetype + sizeof( dframetype_t ), &psprite->frames[i].frameptr, i );
break; break;
case FRAME_GROUP: case FRAME_GROUP:
Q_strncpy( group_suffix, "group", sizeof( group_suffix )); Q_strncpy( group_suffix, "group", sizeof( group_suffix ));
pframetype = R_SpriteLoadGroup( mod, pframetype + 1, &psprite->frames[i].frameptr, i ); pframetype = R_SpriteLoadGroup( mod, pframetype + sizeof( dframetype_t ), &psprite->frames[i].frameptr, i );
break; break;
case FRAME_ANGLED: case FRAME_ANGLED:
Q_strncpy( group_suffix, "angle", sizeof( group_suffix )); Q_strncpy( group_suffix, "angle", sizeof( group_suffix ));
pframetype = R_SpriteLoadGroup( mod, pframetype + 1, &psprite->frames[i].frameptr, i ); pframetype = R_SpriteLoadGroup( mod, pframetype + sizeof( dframetype_t ), &psprite->frames[i].frameptr, i );
break; break;
} }
if( pframetype == NULL ) break; // technically an error if( pframetype == NULL ) break; // technically an error

Loading…
Cancel
Save