Skip to content

Commit

Permalink
fix out of bounds read
Browse files Browse the repository at this point in the history
  • Loading branch information
RSDuck committed Jan 7, 2021
1 parent 1d8e302 commit e311eea
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 5 deletions.
3 changes: 2 additions & 1 deletion src/GPU.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -638,6 +638,7 @@ void MapVRAM_CD(u32 bank, u8 cnt)
case 2: // ARM7 VRAM
ofs &= 0x1;
VRAMMap_ARM7[ofs] |= bankmask;
memset(VRAMDirty[bank].Data, 0xFF, sizeof(VRAMDirty[bank].Data));
VRAMSTAT |= (1 << (bank-2));
break;

Expand Down Expand Up @@ -1177,6 +1178,7 @@ NonStupidBitField<Size/VRAMDirtyGranularity> VRAMTrackingSet<Size, MappingGranul
{
if (currentMappings[i] != Mapping[i])
{
printf("remapped %x %x\n", currentMappings[i], Mapping[i]);
result |= NonStupidBitField<Size/VRAMDirtyGranularity>(i*VRAMBitsPerMapping, VRAMBitsPerMapping);
banksToBeZeroed |= currentMappings[i];
Mapping[i] = currentMappings[i];
Expand Down Expand Up @@ -1265,7 +1267,6 @@ void SyncDirtyFlags()
SyncDirtyFlags(VRAMMap_AOBJ, VRAMWritten_AOBJ);
SyncDirtyFlags(VRAMMap_BBG, VRAMWritten_BBG);
SyncDirtyFlags(VRAMMap_BOBJ, VRAMWritten_BOBJ);
SyncDirtyFlags(VRAMMap_ARM7, VRAMWritten_ARM7);
}

template <u32 MappingGranularity, u32 Size>
Expand Down
3 changes: 0 additions & 3 deletions src/GPU.h
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,6 @@ extern NonStupidBitField<512*1024/VRAMDirtyGranularity> VRAMWritten_ABG;
extern NonStupidBitField<256*1024/VRAMDirtyGranularity> VRAMWritten_AOBJ;
extern NonStupidBitField<128*1024/VRAMDirtyGranularity> VRAMWritten_BBG;
extern NonStupidBitField<128*1024/VRAMDirtyGranularity> VRAMWritten_BOBJ;
extern NonStupidBitField<256*1024/VRAMDirtyGranularity> VRAMWritten_ARM7;

extern NonStupidBitField<128*1024/VRAMDirtyGranularity> VRAMDirty[9];

Expand Down Expand Up @@ -458,8 +457,6 @@ void WriteVRAM_ARM7(u32 addr, T val)
{
u32 mask = VRAMMap_ARM7[(addr >> 17) & 0x1];

VRAMWritten_ARM7[(addr & 0x1FFFF) / VRAMDirtyGranularity] = true;

if (mask & (1<<2)) *(T*)&VRAM_C[addr & 0x1FFFF] = val;
if (mask & (1<<3)) *(T*)&VRAM_D[addr & 0x1FFFF] = val;
}
Expand Down
7 changes: 6 additions & 1 deletion src/NonStupidBitfield.h
Original file line number Diff line number Diff line change
Expand Up @@ -51,9 +51,14 @@ struct NonStupidBitField
template <typename T>
void Next()
{
while (RemainingBits == 0 && DataIdx < DataLength)
if (DataIdx >= DataLength)
return;

while (RemainingBits == 0)
{
DataIdx += sizeof(T);
if (DataIdx >= DataLength)
return;
RemainingBits = *(T*)&BitField.Data[DataIdx];
}

Expand Down

0 comments on commit e311eea

Please sign in to comment.