Menu
▾
▴
[Vegastrike-cvs] SF.net SVN: vegastrike:[13721] trunk/vegastrike/src/gfx/mesh_bxm.cpp
|
From: <kla...@us...> - 2016-08-15 14:50:22
|
Revision: 13721
http://sourceforge.net/p/vegastrike/code/13721
Author: klaussfreire
Date: 2016-08-15 14:50:21 +0000 (Mon, 15 Aug 2016)
Log Message:
-----------
Harden BFXM loading against corrupted meshes
Modified Paths:
--------------
trunk/vegastrike/src/gfx/mesh_bxm.cpp
Modified: trunk/vegastrike/src/gfx/mesh_bxm.cpp
===================================================================
--- trunk/vegastrike/src/gfx/mesh_bxm.cpp 2016-07-08 18:56:02 UTC (rev 13720)
+++ trunk/vegastrike/src/gfx/mesh_bxm.cpp 2016-08-15 14:50:21 UTC (rev 13721)
@@ -281,20 +281,28 @@
fseek( Inputfile, 4+sizeof (uint32bit), SEEK_SET );
fread( &intbuf, sizeof (uint32bit), 1, Inputfile ); //Length of Inputfile
uint32bit Inputlength = VSSwapHostIntToLittle( intbuf );
+ if (Inputlength < sizeof(uint32bit)*13 || Inputlength > (1<<30)) {
+ fprintf( stderr, "Corrupt file %s, aborting\n", Inputfile.GetFilename().c_str() );
+ exit( -1 );
+ }
inmemfile = (chunk32*) malloc( Inputlength+1 );
if (!inmemfile) {
- fprintf( stderr, "Buffer allocation failed, Aborting" );
- exit( -1 );
+ fprintf( stderr, "Buffer allocation failed, Aborting\n" );
+ exit( -2 );
}
rewind( Inputfile );
fread( inmemfile, 1, Inputlength, Inputfile );
fcloseInput( Inputfile );
#else
uint32bit Inputlength = Inputfile.Size();
+ if (Inputlength < sizeof(uint32bit)*13 || Inputlength > (1<<30)) {
+ fprintf( stderr, "Corrupt file %s, aborting\n", Inputfile.GetFilename().c_str() );
+ abort();
+ }
inmemfile = (chunk32*) malloc( Inputlength );
if (!inmemfile) {
- fprintf( stderr, "Buffer allocation failed, Aborting" );
- exit( -1 );
+ fprintf( stderr, "Buffer allocation failed, Aborting\n" );
+ exit( -2 );
}
Inputfile.Read( inmemfile, Inputlength );
Inputfile.Close();
|