WINTERMUTE: Check keyboard state array index

vKeyToKeyCode() method was unsafe if vkey >= KEYSTATES_ARRAY_SIZE was provided, fixed
scummvm · Aug 18, 2018 · 0e15c05 · 0e15c05
1 parent 9f01f76
commit 0e15c05
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/engines/wintermute/base/base_keyboard_state.cpp b/engines/wintermute/base/base_keyboard_state.cpp
@@ -32,6 +32,8 @@
 #include "common/system.h"
 #include "common/keyboard.h"
 
+#define KEYSTATES_ARRAY_SIZE (Common::KEYCODE_UNDO + 1) // Hardcoded size for the common/keyboard.h enum
+
 namespace Wintermute {
 
 IMPLEMENT_PERSISTENT(BaseKeyboardState, false)
@@ -46,8 +48,8 @@ BaseKeyboardState::BaseKeyboardState(BaseGame *inGame) : BaseScriptable(inGame)
 	_currentAlt = false;
 	_currentControl = false;
 
-	_keyStates = new uint8[323]; // Hardcoded size for the common/keyboard.h enum
-	for (int i = 0; i < 323; i++) {
+	_keyStates = new uint8[KEYSTATES_ARRAY_SIZE];
+	for (int i = 0; i < KEYSTATES_ARRAY_SIZE; i++) {
 		_keyStates[i] = false;
 	}
 }
@@ -499,7 +501,7 @@ Common::KeyCode BaseKeyboardState::vKeyToKeyCode(uint32 vkey) {
 		return Common::KEYCODE_SCROLLOCK;
 	default:
 		warning("Unknown VKEY: %d", vkey);
-		return (Common::KeyCode)vkey;
+		return (Common::KeyCode)(vkey < KEYSTATES_ARRAY_SIZE ? vkey : 0);
 		break;
 	}