[Scummvm-cvs-logs] scummvm master -> 3dc87c4f3d775a75034779cf162129f914bd5a8c

sylvaintv sylvaintv at gmail.com
Wed Apr 6 23:09:02 CEST 2011


This automated email contains information about 1 new commit which has been
pushed to the 'scummvm' repo located at https://github.com/scummvm/scummvm .

Summary:
3dc87c4f3d TOON: Fix several Valgrind issues


Commit: 3dc87c4f3d775a75034779cf162129f914bd5a8c
    https://github.com/scummvm/scummvm/commit/3dc87c4f3d775a75034779cf162129f914bd5a8c
Author: sylvaintv (sylvaintv at gmail.com)
Date: 2011-04-06T14:07:11-07:00

Commit Message:
TOON: Fix several Valgrind issues

These may have caused random crashes when reading invalid memory

Changed paths:
    engines/toon/character.cpp
    engines/toon/detection.cpp
    engines/toon/hotspot.cpp
    engines/toon/picture.cpp
    engines/toon/tools.cpp
    engines/toon/tools.h
    engines/toon/toon.cpp



diff --git a/engines/toon/character.cpp b/engines/toon/character.cpp
index a1bd333..69051d4 100644
--- a/engines/toon/character.cpp
+++ b/engines/toon/character.cpp
@@ -64,6 +64,7 @@ Character::Character(ToonEngine *vm) : _vm(vm) {
 	_lastWalkTime = 0;
 	_numPixelToWalk = 0;
 	_nextIdleTime = _vm->getSystem()->getMillis() + (_vm->randRange(0, 600) + 300) * _vm->getTickLength();
+	_lineToSayId = 0;
 }
 
 Character::~Character(void) {
diff --git a/engines/toon/detection.cpp b/engines/toon/detection.cpp
index f8c4c08..ef02356 100644
--- a/engines/toon/detection.cpp
+++ b/engines/toon/detection.cpp
@@ -91,6 +91,15 @@ static const ADGameDescription gameDescriptions[] = {
 		},
 		Common::DE_DEU, Common::kPlatformPC, ADGF_DEMO, GUIO_NONE
 	},
+	{
+		"toon", "",
+		{
+			{"local.pak", 0, "8ef3368078b9ea70b305c04db826feea", 2680573},
+			{"generic.svl", 0, "5c42724bb93b360dca7044d6b7ef26e5", 7739319},
+			AD_LISTEND
+		},
+		Common::EN_ANY, Common::kPlatformPC, ADGF_DEMO, GUIO_NONE
+	},
 
 	AD_TABLE_END_MARKER
 };
diff --git a/engines/toon/hotspot.cpp b/engines/toon/hotspot.cpp
index df55ead..ec2344d 100644
--- a/engines/toon/hotspot.cpp
+++ b/engines/toon/hotspot.cpp
@@ -124,10 +124,10 @@ bool Hotspots::LoadRif(Common::String rifName, Common::String additionalRifName)
 
 	// RIFs are compressed in RNC1
 	RncDecoder decoder;
-	decoder.unpackM1(rifData, _items);
+	decoder.unpackM1(rifData, size, _items);
 	if (rifsize2) {
 		RncDecoder decoder2;
-		decoder2.unpackM1(rifData2 , _items + (rifsize >> 9));
+		decoder2.unpackM1(rifData2 , size, _items + (rifsize >> 9));
 		for (int32 i = 0; i < (rifsize2 >> 9); i++) {
 			HotspotData *hot = _items + (rifsize >> 9) + i;
 			hot->setData(0, hot->getX1() + 1280);
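Review bot: The second call, `decoder2.unpackM1(rifData2 , size, _items + (rifsize >> 9));`, passes the same `size` as the first call, so `rifData2` is bounded by a length that, as far as this hunk shows, belongs to `rifData`. If the two files differ in length, the decoder either treats the second file as exhausted too early or is allowed to read past its end. Each call should receive the byte count of the buffer it is handed; the variables holding those counts are declared outside the hunk, so the right names need checking in LoadRif. Neither return value is checked, so a failed or truncated unpack leaves `_items` partially filled without any signal.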
diff --git a/engines/toon/picture.cpp b/engines/toon/picture.cpp
index b0932bd..1945f0f 100644
--- a/engines/toon/picture.cpp
+++ b/engines/toon/picture.cpp
@@ -97,7 +97,7 @@ bool Picture::loadPicture(Common::String file, bool totalPalette /*= false*/) {
 
 		_data = new uint8[decSize];
 
-		rnc.unpackM1(fileData, _data);
+		rnc.unpackM1(fileData, size, _data);
 
 		// size can only be 640x400 or 1280x400
 		if (decSize > TOON_SCREEN_WIDTH * TOON_SCREEN_HEIGHT + 768)
diff --git a/engines/toon/tools.cpp b/engines/toon/tools.cpp
index e147864..bad7961 100644
--- a/engines/toon/tools.cpp
+++ b/engines/toon/tools.cpp
@@ -200,7 +200,16 @@ uint16 RncDecoder::inputBits(uint8 amount) {
 		newBitBuffl >>= newBitCount;
 		newBitBuffl |= remBits;
 		_srcPtr += 2;
-		newBitBuffh = READ_LE_UINT16(_srcPtr);
+
+		// added some more check here to prevent reading in the buffer
+		// if there are no bytes anymore.
+		_inputByteLeft -= 2;
+		if (_inputByteLeft <= 0)
+			newBitBuffh = 0;
+		else if (_inputByteLeft == 1)
+			newBitBuffh = *_srcPtr;
+		else
+			newBitBuffh = READ_LE_UINT16(_srcPtr);
 		amount -= newBitCount;
 		newBitCount = 16 - amount;
 	}
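Review bot: `_inputByteLeft` is declared `uint16` in tools.h, so `_inputByteLeft -= 2` wraps to 65535 or 65534 when one or zero bytes remain, and the `<= 0` test is true only when the counter lands exactly on zero. After the first exhausted refill the next one wraps the counter, and `READ_LE_UINT16(_srcPtr)` reads past the buffer again, which is the read this hunk is meant to stop. Declaring the member as `int32 _inputByteLeft;` makes the three-way test behave as written. The same wraparound applies to `_inputByteLeft -= HEADER_LEN` and `_inputByteLeft -= inputLength` in the unpackM1 hunks below. inputBits starts and ends outside this hunk.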
@@ -283,7 +292,7 @@ int RncDecoder::getbit() {
 	return temp;
 }
 
-int32 RncDecoder::unpackM1(const void *input, void *output) {
+int32 RncDecoder::unpackM1(const void *input, uint16 inputSize, void *output) {
 	debugC(1, kDebugTools, "unpackM1(input, output)");
 
 	uint8 *outputLow, *outputHigh;
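Review bot: `uint16 inputSize` silently truncates any buffer longer than 65535 bytes, so for a larger file the decoder would consider the input finished early and feed zero bits into the stream instead of the real data. The callers in hotspot.cpp and picture.cpp pass a `size` whose type is not visible here; if it is a 32-bit file size, the parameter (and the declaration in tools.h) should be widened, e.g. `int32 unpackM1(const void *input, uint32 inputSize, void *output);`. The `debugC` string on the next line still reads `"unpackM1(input, output)"` and should mention the new argument. The body of unpackM1 continues outside this hunk.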
@@ -295,6 +304,8 @@ int32 RncDecoder::unpackM1(const void *input, void *output) {
 	uint16 crcUnpacked = 0;
 	uint16 crcPacked = 0;
 
+
+	_inputByteLeft = inputSize;
 	_bitBuffl = 0;
 	_bitBuffh = 0;
 	_bitCount = 0;
@@ -337,9 +348,12 @@ int32 RncDecoder::unpackM1(const void *input, void *output) {
 		_srcPtr = (_dstPtr - packLen);
 	}
 
+	_inputByteLeft -= HEADER_LEN;
+
 	_dstPtr = (uint8 *)output;
 	_bitCount = 0;
 
+
 	_bitBuffl = READ_LE_UINT16(_srcPtr);
 	inputBits(2);
 
@@ -358,6 +372,7 @@ int32 RncDecoder::unpackM1(const void *input, void *output) {
 				memcpy(_dstPtr, _srcPtr, inputLength); //memcpy is allowed here
 				_dstPtr += inputLength;
 				_srcPtr += inputLength;
+				_inputByteLeft -= inputLength;
 				uint16 a = READ_LE_UINT16(_srcPtr);
 				uint16 b = READ_LE_UINT16(_srcPtr + 2);
 
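Review bot: The counter is decremented after `memcpy(_dstPtr, _srcPtr, inputLength)` but never consulted before it, so a stream that declares a literal run longer than the remaining input still copies from beyond the source buffer; the two `READ_LE_UINT16` reads that follow are unbounded as well. A guard ahead of the copy, `if (inputLength > _inputByteLeft)` followed by the function's failure return, would close that; what unpackM1 returns on error is not visible in this hunk. The output side still has no capacity argument, so writes through `_dstPtr` rely entirely on the caller's allocation matching what the stream produces. The enclosing loop starts and ends outside the hunk.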
diff --git a/engines/toon/tools.h b/engines/toon/tools.h
index 1d8b4a6..b716d48 100644
--- a/engines/toon/tools.h
+++ b/engines/toon/tools.h
@@ -63,10 +63,12 @@ protected:
 	const uint8 *_srcPtr;
 	uint8 *_dstPtr;
 
+	uint16 _inputByteLeft;
+
 public:
 	RncDecoder();
 	~RncDecoder();
-	int32 unpackM1(const void *input, void *output);
+	int32 unpackM1(const void *input, uint16 inputSize, void *output);
 	int32 unpackM2(const void *input, void *output);
 
 protected:
diff --git a/engines/toon/toon.cpp b/engines/toon/toon.cpp
index 0c7989f..2040668 100644
--- a/engines/toon/toon.cpp
+++ b/engines/toon/toon.cpp
@@ -1320,8 +1320,8 @@ void ToonEngine::loadAdditionalPalette(Common::String fileName, int32 mode) {
 		fixPaletteEntries(_additionalPalette2, 23);
 		break;
 	case 2:
-		memcpy(_cutawayPalette, palette, 768);
-		fixPaletteEntries(_cutawayPalette, 256);
+		memcpy(_cutawayPalette, palette, size);
+		fixPaletteEntries(_cutawayPalette, size/3);
 		break;
 	case 3:
 		memcpy(_universalPalette, palette, 96);
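Review bot: `memcpy(_cutawayPalette, palette, size)` now takes its length from the file, so a palette file larger than the destination overruns `_cutawayPalette`; the old constant 768 suggests that is the array's size, though its declaration is outside the hunk. Clamp before copying, e.g. copy `MIN<uint32>(size, 768)` bytes and pass that count divided by 3 to `fixPaletteEntries`, or reject the file when `size > 768`. The other cases still copy fixed lengths (`memcpy(_universalPalette, palette, 96)` is visible here), which can read past `palette` when the file is shorter, the same class of error this change addresses for case 2.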
@@ -2834,7 +2834,8 @@ void ToonEngine::newGame() {
 		addItemToInventory(67);
 		addItemToInventory(11);
 		addItemToInventory(19);
-		loadScene(_gameState->_currentScene);
+		loadScene(22);
+		//loadScene(_gameState->_currentScene);
 	} else {
 		//loadScene(4);
 		loadScene(_gameState->_currentScene);
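Review bot: `loadScene(22);` hard-codes a scene number and leaves the previous call behind as commented-out code, and nothing in the commit message connects this to the Valgrind fixes. If this branch (its condition is outside the hunk) really must start in scene 22, state the reason in a comment such as `// this branch always starts in scene 22 because <reason>` and delete the commented-out line. If it is a debugging leftover it should be reverted, since it changes where a new game starts.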





