ref: 8042ab2c9b077e2ea630a9e99a9613834f2eaf73
parent: aad200801cf7c07990afcb195b0cdc6cf1c7e417
author: Gabriel Ravier <gabravier@gmail.com>
date: Sat Feb 1 02:52:31 EST 2020
Fixed more crashes in Caret Signed-off-by: Gabriel Ravier <gabravier@gmail.com>
--- a/src/Caret.cpp
+++ b/src/Caret.cpp
@@ -117,7 +117,10 @@
}
if (crt->ani_no > 3)
+ {crt->cond = 0;
+ return; // Avoid unconditional UB at rect_left[crt->ani_no]
+ }
crt->rect = rect_left[crt->ani_no];
break;
@@ -130,7 +133,10 @@
}
if (crt->ani_no > 3)
+ {crt->cond = 0;
+ return; // Avoid unconditional UB at rect_right[crt->ani_no]
+ }
crt->rect = rect_right[crt->ani_no];
break;
@@ -158,7 +164,10 @@
{crt->ani_wait = 0;
if (++crt->ani_no > 3)
+ {crt->cond = 0;
+ return; // Return now, or the access to rect[crt->ani_no] we do is UB
+ }
}
crt->rect = rect[crt->ani_no];
@@ -207,12 +216,15 @@
++crt->ani_no;
}
- if (crt->ani_no > 6)
- crt->cond = 0;
-
crt->x += 0x80;
crt->y -= 0x80;
+ if (crt->ani_no > 6)
+ {+ crt->cond = 0;
+ return; // Return now, or the access to rect[crt->ani_no] we do is UB
+ }
+
crt->rect = rect[crt->ani_no];
}
@@ -349,7 +361,10 @@
{crt->ani_wait = 0;
if (++crt->ani_no > 6)
+ {crt->cond = 0;
+ return; // Avoid unconditional UB at rcRight[crt->ani_no]
+ }
}
crt->rect = rcRight[crt->ani_no];
@@ -366,7 +381,10 @@
{crt->ani_wait = 0;
if (++crt->ani_no > 1)
+ {crt->cond = 0;
+ return; // Return now, or the access to rcLeft[crt->ani_no] we do is UB
+ }
}
crt->rect = rcLeft[crt->ani_no];
--
⑨