From 2f042ea1988407524d86998dcba2672b23c8aaf6 Mon Sep 17 00:00:00 2001 From: yexo Date: Sun, 14 Oct 2012 15:18:09 +0000 Subject: [PATCH] (svn r24593) -Fix [FS#5333]: crash when a gamescript provided too many parameters to a GSText object --- src/strings.cpp | 20 +++++++++++++++++++- src/strings_func.h | 14 +------------- 2 files changed, 20 insertions(+), 14 deletions(-) diff --git a/src/strings.cpp b/src/strings.cpp index 2449c5c092..12f41e1588 100644 --- a/src/strings.cpp +++ b/src/strings.cpp @@ -62,6 +62,24 @@ void StringParameters::ClearTypeInformation() MemSetT(this->type, 0, this->num_param); } + +/** + * Read an int64 from the argument array. The offset is increased + * so the next time GetInt64 is called the next value is read. + */ +int64 StringParameters::GetInt64(WChar type) +{ + if (this->offset >= this->num_param) { + DEBUG(misc, 0, "Trying to read invalid string parameter"); + return 0; + } + if (this->type != NULL) { + assert(this->type[this->offset] == 0 || this->type[this->offset] == type); + this->type[this->offset] = type; + } + return this->data[this->offset++]; +} + /** * Shift all data in the data array by the given amount to make * room for some extra parameters. @@ -780,7 +798,7 @@ static char *FormatString(char *buff, const char *str_arg, StringParameters *arg } int i = 0; - while (*p != '\0') { + while (*p != '\0' && i < 20) { uint64 param; s = ++p; diff --git a/src/strings_func.h b/src/strings_func.h index eef78d84e4..395a80e1a1 100644 --- a/src/strings_func.h +++ b/src/strings_func.h @@ -73,19 +73,7 @@ public: void ClearTypeInformation(); - /** - * Read an int64 from the argument array. The offset is increased - * so the next time GetInt64 is called the next value is read. - */ - int64 GetInt64(WChar type = 0) - { - assert(this->offset < this->num_param); - if (this->type != NULL) { - assert(this->type[this->offset] == 0 || this->type[this->offset] == type); - this->type[this->offset] = type; - } - return this->data[this->offset++]; - } + int64 GetInt64(WChar type = 0); /** Read an int32 from the argument array. @see GetInt64. */ int32 GetInt32(WChar type = 0)