[quake3-commits] r1718 - trunk/code/qcommon
DONOTREPLY at icculus.org
DONOTREPLY at icculus.org
Sun Nov 1 14:58:10 EST 2009
Author: ludwig
Date: 2009-11-01 14:58:09 -0500 (Sun, 01 Nov 2009)
New Revision: 1718
Modified:
trunk/code/qcommon/vm_x86_64.c
Log:
check const jump argument
Modified: trunk/code/qcommon/vm_x86_64.c
===================================================================
--- trunk/code/qcommon/vm_x86_64.c 2009-11-01 19:58:07 UTC (rev 1717)
+++ trunk/code/qcommon/vm_x86_64.c 2009-11-01 19:58:09 UTC (rev 1718)
@@ -228,7 +228,14 @@
assemble_line(line, strlen(line));
}
+#define CHECK_IARG \
+ do { if(iarg < 0 || iarg >= header->instructionCount) { \
+ Com_Error( ERR_DROP, \
+ "%s: jump target out of range at offset %d", __func__, pc ); \
+ } } while(0)
+
#define JMPIARG \
+ CHECK_IARG; \
emit("movq $%lu, %%rax", vm->codeBase+vm->instructionPointers[iarg]); \
emit("jmpq *%%rax");
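Review bot: JMPIARG now expands to three separate statements (`CHECK_IARG;` followed by two `emit` calls) without a `do { ... } while(0)` wrapper, so under an unbraced `if` or `else` only the range check would be conditional and the jump would still be emitted. CHECK_IARG is wrapped correctly; giving JMPIARG the same wrapper keeps the check and the `vm->instructionPointers[iarg]` read together as one statement. CHECK_IARG also takes `iarg`, `header` and `pc` from the expanding scope, which deserves a comment such as `/* needs iarg, header and pc in scope; rejects jump targets outside [0, instructionCount) before they index vm->instructionPointers */`. The use sites of JMPIARG are outside this hunk, so whether any of them is unbraced cannot be seen here.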
@@ -488,6 +495,9 @@
emit("subq $4, %%rsi");
break;
case OP_CONST:
+ if(code[pc] == OP_JUMP) {
+ CHECK_IARG;
+ }
emit("addq $4, %%rsi");
emit("movl $%d, 0(%%rsi)", iarg);
break;
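Review bot: The lookahead `code[pc] == OP_JUMP` in the OP_CONST case reads the byte after this instruction's operand, and nothing in the hunk shows that `pc` is still inside the code segment when OP_CONST is the last instruction of the image. A guard such as `if(pc < header->codeLength && code[pc] == OP_JUMP)` would keep the peek in bounds, assuming the header's code length is the right limit for `pc` here. The check also covers only a constant immediately followed by OP_JUMP. A target that reaches OP_JUMP any other way still has to be validated where OP_JUMP itself is compiled or at run time, and that code is outside this hunk.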