From c3bd837c42d9cf5be936683b954c4cbb773d6717 Mon Sep 17 00:00:00 2001 From: Matthias Moninger <5415177+ZehMatt@users.noreply.github.com> Date: Wed, 1 Mar 2023 10:31:20 +0200 Subject: [PATCH] Fix #19517: Crash when peeps try to exit or enter a hacked ride (#19518) * Fix #19517: Crash when peeps try to exit or enter a hacked ride * Update changelog.txt --- distribution/changelog.txt | 1 + src/openrct2/entity/Guest.cpp | 38 ++++++++++++++++++++++++----------- 2 files changed, 27 insertions(+), 12 deletions(-) diff --git a/distribution/changelog.txt b/distribution/changelog.txt index 85a712eb87ad..8a5c804f4b90 100644 --- a/distribution/changelog.txt +++ b/distribution/changelog.txt @@ -55,6 +55,7 @@ - Fix: [#19380] Startup crash when no sequences are installed and random sequences are enabled. - Fix: [#19391] String corruption caused by an improper buffer handling in ‘GfxWrapString’. - Fix: [#19475] Cannot increase loan when more than £1000 in debt. +- Fix: [#19517] Crash when peeps try to exit or enter hacked rides that have no waypoints specified. 0.4.3 (2022-12-14) ------------------------------------------------------------------------ diff --git a/src/openrct2/entity/Guest.cpp b/src/openrct2/entity/Guest.cpp index 7318db132f81..aafc2f649a2f 100644 --- a/src/openrct2/entity/Guest.cpp +++ b/src/openrct2/entity/Guest.cpp @@ -3626,10 +3626,13 @@ void Guest::UpdateRideLeaveEntranceWaypoints(const Ride& ride) const auto& rtd = ride.GetRideTypeDescriptor(); CoordsXY waypoint = rtd.GetGuestWaypointLocation(*vehicle, ride, CurrentRideStation); - const auto waypointIndex = Var37 / 4; - Guard::Assert(carEntry->peep_loading_waypoints.size() >= static_cast(waypointIndex)); - waypoint.x += carEntry->peep_loading_waypoints[waypointIndex][0].x; - waypoint.y += carEntry->peep_loading_waypoints[waypointIndex][0].y; + const auto waypointIndex = Var37 / 4U; + if (waypointIndex < carEntry->peep_loading_waypoints.size()) + { + Guard::Assert(carEntry->peep_loading_waypoints.size() >= static_cast(waypointIndex)); + waypoint.x += carEntry->peep_loading_waypoints[waypointIndex][0].x; + waypoint.y += carEntry->peep_loading_waypoints[waypointIndex][0].y; + } SetDestination(waypoint); RideSubState = PeepRideSubState::ApproachVehicleWaypoints; @@ -4265,19 +4268,26 @@ void Guest::UpdateRideLeaveVehicle() return; Var37 = ((exitLocation.direction | GetWaypointedSeatLocation(*ride, carEntry, station_direction) * 4) * 4) | 1; - Guard::Assert(carEntry->peep_loading_waypoints.size() >= static_cast(Var37 / 4)); + CoordsXYZ exitWaypointLoc = waypointLoc; - exitWaypointLoc.x += carEntry->peep_loading_waypoints[Var37 / 4][2].x; - exitWaypointLoc.y += carEntry->peep_loading_waypoints[Var37 / 4][2].y; + const auto waypointIndex = Var37 / 4U; + if (waypointIndex < carEntry->peep_loading_waypoints.size()) + { + exitWaypointLoc.x += carEntry->peep_loading_waypoints[waypointIndex][2].x; + exitWaypointLoc.y += carEntry->peep_loading_waypoints[waypointIndex][2].y; + } if (ride->type == RIDE_TYPE_MOTION_SIMULATOR) exitWaypointLoc.z += 15; MoveTo(exitWaypointLoc); - waypointLoc.x += carEntry->peep_loading_waypoints[Var37 / 4][1].x; - waypointLoc.y += carEntry->peep_loading_waypoints[Var37 / 4][1].y; + if (waypointIndex < carEntry->peep_loading_waypoints.size()) + { + waypointLoc.x += carEntry->peep_loading_waypoints[waypointIndex][1].x; + waypointLoc.y += carEntry->peep_loading_waypoints[waypointIndex][1].y; + } SetDestination(waypointLoc, 2); RideSubState = PeepRideSubState::ApproachExitWaypoints; @@ -4429,9 +4439,13 @@ void Guest::UpdateRideApproachVehicleWaypoints() } const auto& vehicle_type = rideEntry->Cars[vehicle->vehicle_type]; - Guard::Assert(waypoint < 3); - targetLoc.x += vehicle_type.peep_loading_waypoints[Var37 / 4][waypoint].x; - targetLoc.y += vehicle_type.peep_loading_waypoints[Var37 / 4][waypoint].y; + const auto waypointIndex = Var37 / 4U; + if (waypointIndex < vehicle_type.peep_loading_waypoints.size()) + { + Guard::Assert(waypoint < 3); + targetLoc.x += vehicle_type.peep_loading_waypoints[waypointIndex][waypoint].x; + targetLoc.y += vehicle_type.peep_loading_waypoints[waypointIndex][waypoint].y; + } SetDestination(targetLoc); }