Skip to content

Commit

Permalink
BLADERUNNER: Fixed integer underflow for Russian videos
Browse files Browse the repository at this point in the history
  • Loading branch information
@peterkohaut
peterkohaut committed Mar 17, 2019
1 parent 7e472de commit bba7ab7
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions engines/bladerunner/vqa_decoder.cpp
View file
Expand Up @@ -347,10 +347,12 @@ bool VQADecoder::readVQHD(Common::SeekableReadStream *s, uint32 size) {
bool VQADecoder::VQAVideoTrack::readVQFR(Common::SeekableReadStream *s, uint32 size, uint readFlags) {
IFFChunkHeader chd;

while (size >= 8) {
signed int sizeLeft = size; // we have to use signed int to avoid underflow

while (sizeLeft >= 8) {
if (!readIFFChunkHeader(s, &chd))
return false;
size -= roundup(chd.size) + 8;
sizeLeft -= roundup(chd.size) + 8;

bool rc = false;
switch (chd.id) {
Expand Down Expand Up @@ -663,10 +665,12 @@ void VQADecoder::VQAVideoTrack::decodeVideoFrame(Graphics::Surface *surface, boo
bool VQADecoder::VQAVideoTrack::readVQFL(Common::SeekableReadStream *s, uint32 size, uint readFlags) {
IFFChunkHeader chd;

while (size >= 8) {
signed int sizeLeft = size; // we have to use signed int to avoid underflow

while (sizeLeft >= 8) {
if (!readIFFChunkHeader(s, &chd))
return false;
size -= roundup(chd.size) + 8;
sizeLeft -= roundup(chd.size) + 8;

bool rc = false;
switch (chd.id) {
Expand Down

0 comments on commit bba7ab7

Please sign in to comment.