From a6f4274553a751e61496f84ca900f0ee722e42f0 Mon Sep 17 00:00:00 2001 From: Fabian Greffrath Date: Tue, 17 Oct 2023 08:21:42 +0200 Subject: [PATCH] report (and secure) weaponinfo[] overruns (#1221) --- src/d_items.c | 5 ++++- src/d_items.h | 2 +- src/p_pspr.c | 7 +++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/d_items.c b/src/d_items.c index 0792a06d..cfcfbcfb 100644 --- a/src/d_items.c +++ b/src/d_items.c @@ -32,7 +32,7 @@ // atkstate, i.e. attack/fire/hit frame // flashstate, muzzle flash // -weaponinfo_t weaponinfo[NUMWEAPONS] = +weaponinfo_t weaponinfo[NUMWEAPONS+1] = { { // fist @@ -142,6 +142,9 @@ weaponinfo_t weaponinfo[NUMWEAPONS] = 0, WPF_NOFLAG }, + { + 0 + }, }; //---------------------------------------------------------------------------- diff --git a/src/d_items.h b/src/d_items.h index 23381639..94215f68 100644 --- a/src/d_items.h +++ b/src/d_items.h @@ -59,7 +59,7 @@ typedef struct int flags; } weaponinfo_t; -extern weaponinfo_t weaponinfo[NUMWEAPONS]; +extern weaponinfo_t weaponinfo[NUMWEAPONS+1]; #endif diff --git a/src/p_pspr.c b/src/p_pspr.c index f64e0694..f914e38d 100644 --- a/src/p_pspr.c +++ b/src/p_pspr.c @@ -19,6 +19,7 @@ //----------------------------------------------------------------------------- #include "doomstat.h" +#include "i_printf.h" #include "r_main.h" #include "p_map.h" #include "p_inter.h" @@ -154,6 +155,12 @@ static void P_BringUpWeapon(player_t *player) if (player->pendingweapon == wp_chainsaw) S_StartSound(player->mo, sfx_sawup); + if (player->pendingweapon >= NUMWEAPONS) + { + player->pendingweapon = NUMWEAPONS; + I_Printf(VB_WARNING, "P_BringUpWeapon: weaponinfo overrun has occurred."); + } + newstate = weaponinfo[player->pendingweapon].upstate; player->pendingweapon = wp_nochange;