ref: a762f28837093b3972c3d26d94bbc2c71f96b27c
parent: c204ba140e79fe3d4f789973194956f884512494
author: Clownacy <Clownacy@users.noreply.github.com>
date: Sat Feb 1 07:45:32 EST 2020
Note some out-of-bounds array accesses. Thanks, Gabe
--- a/src/Caret.cpp
+++ b/src/Caret.cpp
@@ -119,6 +119,8 @@
if (crt->ani_no > 3)
crt->cond = 0;
+ // Note that 'crt->ani_no' can exceed the size of 'rect_left'
+
crt->rect = rect_left[crt->ani_no];
break;
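Review bot: The comment added above `crt->rect = rect_left[crt->ani_no];` records the out-of-bounds read but leaves it reachable, because the `if (crt->ani_no > 3)` branch only clears `crt->cond` and then falls through to the subscript. Unless the read is kept on purpose, guard the copy with the bound the check implies, e.g. `if (crt->ani_no <= 3) crt->rect = rect_left[crt->ani_no];` (this assumes the table has four entries, which the hunk does not show). If it is kept on purpose, the comment should say so and name the value reached, e.g. `// 'crt->ani_no' is 4 here, one past the end of 'rect_left'; read kept intentionally`. The same applies to the `rect_right`, `rect`, `rcRight` and `rcLeft` hunks below; the hunk at -213 shows no bound check at all, so its limit cannot be confirmed from the diff. The enclosing `case` starts outside this hunk.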
@@ -132,6 +134,8 @@
if (crt->ani_no > 3)
crt->cond = 0;
+ // Note that 'crt->ani_no' can exceed the size of 'rect_right'
+
crt->rect = rect_right[crt->ani_no];
break;
@@ -161,6 +165,8 @@
crt->cond = 0;
}
+ // Note that 'crt->ani_no' can exceed the size of 'rect'
+
crt->rect = rect[crt->ani_no];
}
@@ -213,6 +219,8 @@
crt->x += 0x80;
crt->y -= 0x80;
+ // Note that 'crt->ani_no' can exceed the size of 'rect'
+
crt->rect = rect[crt->ani_no];
}
@@ -352,6 +360,8 @@
crt->cond = 0;
}
+ // Note that 'crt->ani_no' can exceed the size of 'rcRight'
+
crt->rect = rcRight[crt->ani_no];
}
@@ -368,6 +378,8 @@
if (++crt->ani_no > 1)
crt->cond = 0;
}
+
+ // Note that 'crt->ani_no' can exceed the size of 'rcLeft'
crt->rect = rcLeft[crt->ani_no];
}
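Review bot: In this hunk the blank line is added before the comment and the comment sits directly on `crt->rect = rcLeft[crt->ani_no];`, whereas the five other Caret.cpp hunks put the comment first and the blank line after it. Use one layout for all six notes so they read the same and are easy to find later. Keeping the comment attached to the access, as done here, is the clearer of the two. The function body starts outside the hunk.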
--- a/src/MycParam.cpp
+++ b/src/MycParam.cpp
@@ -269,6 +269,7 @@
RECT rcExpMax = {40, 72, 80, 80};
RECT rcExpFlash = {40, 80, 80, 88};
+ // Note that this can result in '-1', causing the following array accesses to be out-of-bounds
int lv = gArmsData[gSelectedArms].level - 1;
int arms_code = gArmsData[gSelectedArms].code;
int exp_now = gArmsData[gSelectedArms].exp;
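Review bot: The comment above `int lv = gArmsData[gSelectedArms].level - 1;` says the result can be `-1` but not under what condition, and the array accesses it warns about lie outside this hunk, so a reader cannot tell which tables are indexed with `lv`. State the condition in the comment (presumably a slot whose `level` is 0, to be confirmed) and name the tables that are indexed. If `gArmsData` can be filled from data the program does not control, such as a saved profile, `level` should be range-checked where it is loaded, or here with `if (lv < 0) lv = 0;`, rather than only documented. The function continues past the end of the hunk.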