[Scummvm-git-logs] scummvm branch-2-8 -> 45b8145236284fcb520f5b884df41727f10bfb93
elasota
noreply at scummvm.org
Mon Jan 8 04:16:31 UTC 2024
This automated email contains information about 5 new commits which have been
pushed to the 'scummvm' repo located at https://github.com/scummvm/scummvm .
Summary:
4a360c3754 MTROPOLIS: Fix out-of-range read when loading 8-bit mToon assets
f4eb42dad9 VCRUISE: Add reported unknown variant of Schizm English DVD
0bbfc0caf8 VCRUISE: Add detection for Reah Russian CD version
23aad568a7 NEWS: Add mention of MTI crash fix
45b8145236 NEWS: Add mention of fixed Mac resource loading regression
Commit: 4a360c3754e54c65f4c79c8afcdc717a4184120a
https://github.com/scummvm/scummvm/commit/4a360c3754e54c65f4c79c8afcdc717a4184120a
Author: elasota (1137273+elasota at users.noreply.github.com)
Date: 2024-01-07T23:13:57-05:00
Commit Message:
MTROPOLIS: Fix out-of-range read when loading 8-bit mToon assets
Changed paths:
engines/mtropolis/assets.cpp
engines/mtropolis/assets.h
diff --git a/engines/mtropolis/assets.cpp b/engines/mtropolis/assets.cpp
index eb0e8bf3d57..64c28574580 100644
--- a/engines/mtropolis/assets.cpp
+++ b/engines/mtropolis/assets.cpp
@@ -314,6 +314,29 @@ bool CachedMToon::decompressMToonRLE(const RleFrame &frame, const Common::Array<
return true;
}
+template<class TDest, class TSrc>
+void CachedMToon::checkedMemCpy(Common::Array<TDest> &dest, size_t destIndex, const Common::Array<TSrc> &src, size_t srcIndex, size_t sizeBytes) {
+ if (sizeBytes == 0)
+ return;
+
+ size_t destSize = dest.size() * sizeof(TDest);
+ size_t srcSize = src.size() * sizeof(TSrc);
+
+ if (destIndex > dest.size() || srcIndex > src.size())
+ error("Out-of-range data copy offset while loading mToon");
+
+ size_t srcPos = srcIndex * sizeof(TSrc);
+ size_t destPos = destIndex * sizeof(TDest);
+
+ size_t srcAvail = srcSize - srcPos;
+ size_t destAvail = destSize - destPos;
+
+ if (srcAvail < sizeBytes || destAvail < sizeBytes)
+ error("Out-of-range data copy end while loading mToon");
+
+ memcpy(&dest[destIndex], &src[srcIndex], sizeBytes);
+}
+
void CachedMToon::decompressRLEFrameToImage(size_t frameIndex, Graphics::ManagedSurface &surface) {
assert(surface.format == _rleOptimizedFormat);
@@ -348,6 +371,9 @@ void CachedMToon::loadRLEFrames(const Common::Array<uint8> &data) {
size_t baseOffset = frameDef.dataOffset;
+ if (frameDef.compressedSize < 20)
+ error("Invalid compressed data size");
+
uint32 headerInts[5];
for (size_t hi = 0; hi < 5; hi++) {
uint32 unpacked = 0;
@@ -373,15 +399,15 @@ void CachedMToon::loadRLEFrames(const Common::Array<uint8> &data) {
uint32 frameDataSize = headerInts[4];
if (frameDataSize > 0) {
+ // frameDataSize is sometimes set to frameDef.compressedSize but sometimes contains garbage,
+ // so we need to ignore it and derive size from the frameDef instead.
if (bpp == 8) {
- rleFrame.data8.resize(frameDataSize);
- memcpy(&rleFrame.data8[0], &data[baseOffset + 20], frameDataSize);
+ rleFrame.data8.resize(frameDef.compressedSize - 20);
+ checkedMemCpy(rleFrame.data8, 0, data, baseOffset + 20, frameDef.compressedSize - 20);
} else if (bpp == 16) {
- // In RLE16, frameDataSize is sometimes set to frameDef.compressedSize but sometimes contains garbage,
- // so we need to ignore it and derive size from the frameDef instead.
uint32 numDWords = (frameDef.compressedSize - 20) / 2;
rleFrame.data16.resize(numDWords);
- memcpy(&rleFrame.data16[0], &data[baseOffset + 20], static_cast<size_t>(numDWords) * 2u);
+ checkedMemCpy(rleFrame.data16, 0, data, baseOffset + 20, static_cast<size_t>(numDWords) * 2u);
uint16 *i16 = &rleFrame.data16[0];
if (_metadata->imageFormat == MToonMetadata::kImageFormatWindows) {
diff --git a/engines/mtropolis/assets.h b/engines/mtropolis/assets.h
index f440199c2f2..1b809e30cf4 100644
--- a/engines/mtropolis/assets.h
+++ b/engines/mtropolis/assets.h
@@ -146,6 +146,9 @@ private:
template<class TNumber, uint32 TLiteralMask, uint32 TTransparentRowSkipMask>
static bool decompressMToonRLE(const RleFrame &frame, const Common::Array<TNumber> &coefsArray, Graphics::ManagedSurface &surface, bool isBottomUp, bool isKeyFrame, uint hackFlags);
+ template<class TDest, class TSrc>
+ static void checkedMemCpy(Common::Array<TDest> &dest, size_t destIndex, const Common::Array<TSrc> &src, size_t srcIndex, size_t sizeBytes);
+
Common::Array<RleFrame> _rleData;
bool _isRLETemporalCompressed;
Commit: f4eb42dad9c3130ee430c5b3d5e6ad045a735bbb
https://github.com/scummvm/scummvm/commit/f4eb42dad9c3130ee430c5b3d5e6ad045a735bbb
Author: elasota (1137273+elasota at users.noreply.github.com)
Date: 2024-01-07T23:13:57-05:00
Commit Message:
VCRUISE: Add reported unknown variant of Schizm English DVD
Changed paths:
engines/vcruise/detection_tables.h
diff --git a/engines/vcruise/detection_tables.h b/engines/vcruise/detection_tables.h
index 4db82dc2c9b..bab7cac1dcc 100644
--- a/engines/vcruise/detection_tables.h
+++ b/engines/vcruise/detection_tables.h
@@ -198,6 +198,19 @@ static const VCruiseGameDescription gameDescriptions[] = {
GID_SCHIZM,
Common::EN_GRB,
},
+ { // Schizm: Mysterious Journey, English DVD Version, unknown variant
+ {
+ "schizm",
+ "English DVD",
+ AD_ENTRY1s("setup.pak", "964e386b187752d53b69f9c55c4f6e6b", 274948185),
+ Common::UNK_LANG,
+ Common::kPlatformWindows,
+ VCRUISE_GF_WANT_OGG_VORBIS | VCRUISE_GF_NEED_JPEG | VCRUISE_GF_GENTEE_PACKAGE,
+ GUIO0()
+ },
+ GID_SCHIZM,
+ Common::EN_GRB,
+ },
{ // Schizm: Mysterious Journey, Polish DVD Version
{
"schizm",
Commit: 0bbfc0caf8732884cde1f1d06d3fbf6160415a8a
https://github.com/scummvm/scummvm/commit/0bbfc0caf8732884cde1f1d06d3fbf6160415a8a
Author: elasota (1137273+elasota at users.noreply.github.com)
Date: 2024-01-07T23:13:57-05:00
Commit Message:
VCRUISE: Add detection for Reah Russian CD version
Changed paths:
engines/vcruise/detection_tables.h
diff --git a/engines/vcruise/detection_tables.h b/engines/vcruise/detection_tables.h
index bab7cac1dcc..db1f9b77108 100644
--- a/engines/vcruise/detection_tables.h
+++ b/engines/vcruise/detection_tables.h
@@ -99,6 +99,21 @@ static const VCruiseGameDescription gameDescriptions[] = {
GID_REAH,
Common::DE_DEU,
},
+ { // Reah: Face the Unknown, Russian 6 CD Version
+ {
+ "reah",
+ "Russian CD",
+ AD_ENTRY3s("Reah.exe", "c44224a888035c14e876cbc45519faca", 305664,
+ "0170_b.wav", "4632023ed0bab3fc800abfa5ef65ceaf", 119850,
+ "Speech01.txt", "734478c94944eab9c954c612c70efb9a", 72694),
+ Common::RU_RUS,
+ Common::kPlatformWindows,
+ VCRUISE_GF_FORCE_LANGUAGE,
+ GUIO0()
+ },
+ GID_REAH,
+ Common::RU_RUS,
+ },
{ // Reah: Face the Unknown, English digital (GOG) version + German VO community patch
{
"reah",
Commit: 23aad568a73ab53a56720c236ac138a14541a00a
https://github.com/scummvm/scummvm/commit/23aad568a73ab53a56720c236ac138a14541a00a
Author: elasota (1137273+elasota at users.noreply.github.com)
Date: 2024-01-07T23:16:04-05:00
Commit Message:
NEWS: Add mention of MTI crash fix
Changed paths:
NEWS.md
diff --git a/NEWS.md b/NEWS.md
index 0f2ca8f330c..68f1d70d46f 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -8,6 +8,9 @@ For a more comprehensive changelog of the latest experimental code, see:
MM:
- Enabled engine, allowing MM1 and Xeen to be compiled.
+
+ MTROPOLIS:
+ - Fixed crash in Muppet Treasure Island on some platforms.
NANCY:
- Fixed the telephone hints in Secrets Can Kill.
Commit: 45b8145236284fcb520f5b884df41727f10bfb93
https://github.com/scummvm/scummvm/commit/45b8145236284fcb520f5b884df41727f10bfb93
Author: elasota (1137273+elasota at users.noreply.github.com)
Date: 2024-01-07T23:16:10-05:00
Commit Message:
NEWS: Add mention of fixed Mac resource loading regression
Changed paths:
NEWS.md
diff --git a/NEWS.md b/NEWS.md
index 68f1d70d46f..6c241b46f94 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -32,6 +32,9 @@ For a more comprehensive changelog of the latest experimental code, see:
Android port:
- Fixed crash in built-in help with German language.
+ macOS port:
+ - Fixed a problem where some Mac games would not load resources correctly.
+
#### 2.8.0 "Mysteries, Mammoths, and Muppets" (2023-12-30)
New games:
More information about the Scummvm-git-logs
mailing list