
WINTERMUTE: Check keyboard state array index

vKeyToKeyCode() method was unsafe if vkey >= KEYSTATES_ARRAY_SIZE was
provided, fixed
lolbot-iichan authored and tobiatesan committed Aug 16, 2018
1 parent 52b4206 commit e97b1e560d4f3a0eed758047e8c40ecc69c98231
Showing with 5 additions and 3 deletions.
  1. +5 −3 engines/wintermute/base/base_keyboard_state.cpp
@@ -32,6 +32,8 @@
#include "common/system.h"
#include "common/keyboard.h"

#define KEYSTATES_ARRAY_SIZE (Common::KEYCODE_UNDO + 1) // Hardcoded size for the common/keyboard.h enum

namespace Wintermute {

IMPLEMENT_PERSISTENT(BaseKeyboardState, false)
@@ -46,8 +48,8 @@ BaseKeyboardState::BaseKeyboardState(BaseGame *inGame) : BaseScriptable(inGame)
_currentAlt = false;
_currentControl = false;

_keyStates = new uint8[323]; // Hardcoded size for the common/keyboard.h enum
for (int i = 0; i < 323; i++) {
_keyStates = new uint8[KEYSTATES_ARRAY_SIZE];
for (int i = 0; i < KEYSTATES_ARRAY_SIZE; i++) {
_keyStates[i] = false;
}
}
@@ -499,7 +501,7 @@ Common::KeyCode BaseKeyboardState::vKeyToKeyCode(uint32 vkey) {
return Common::KEYCODE_SCROLLOCK;
default:
warning("Unknown VKEY: %d", vkey);
return (Common::KeyCode)vkey;
return (Common::KeyCode)(vkey < KEYSTATES_ARRAY_SIZE ? vkey : 0);
break;
}
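Review bot: The range check in the `default:` branch of vKeyToKeyCode() only guards values that pass through this conversion; the `_keyStates[...]` accesses themselves are not in this diff, so any path that indexes the array with a key code from another source would presumably still be unchecked, and the bound is better enforced (or asserted) at the index site as well. Out-of-range values are folded to the literal `0`, which makes every unknown key share slot 0 of the array; naming the sentinel, `return vkey < KEYSTATES_ARRAY_SIZE ? (Common::KeyCode)vkey : Common::KEYCODE_INVALID;`, states the intent and keeps the cast off it. KEYSTATES_ARRAY_SIZE also relies on KEYCODE_UNDO being the largest enumerator, which the comment on the `#define` should say explicitly so that a later addition to common/keyboard.h is not missed. vKeyToKeyCode() begins and ends outside the hunk.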
