Fix buffer overrun for audio files with 8 char names (#378)

Co-authored-by: Alexander Batalov <alex.batalov@gmail.com>
Graham Gower 2025-01-14 03:47:13 +10:30 committed by GitHub
parent ad7b0e56ab
commit bd7321b128
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 17 additions and 16 deletions


@ -15,7 +15,7 @@
namespace fallout {
static char* _lips_fix_string(const char* fileName, size_t length);
static char* lips_fix_string(const char* fileName, size_t length);
static int lipsReadV1(LipsData* a1, File* stream);
static int _lips_make_speech();
@ -65,14 +65,15 @@ static int _speechStartTime = 0;
// 0x613CA0
static char _lips_subdir_name[14];
// 0x613CAE
static char _tmp_str[50];
// 0x47AAC0
static char* _lips_fix_string(const char* fileName, size_t length)
static char* lips_fix_string(const char* fileName, size_t length)
{
strncpy(_tmp_str, fileName, length);
return _tmp_str;
// 0x613CAE
static char tmp_str[50];
strncpy(tmp_str, fileName, length);
tmp_str[length] = '\0';
return tmp_str;
}
// 0x47AAD8
@ -212,7 +213,7 @@ static int lipsReadV1(LipsData* lipsData, File* stream)
if (fileReadInt32(stream, &(lipsData->field_44)) == -1) return -1;
if (fileReadInt32(stream, &(lipsData->field_48)) == -1) return -1;
if (fileReadInt32(stream, &(lipsData->field_4C)) == -1) return -1;
if (fileReadFixedLengthString(stream, lipsData->field_50, 8) == -1) return -1;
if (fileReadFixedLengthString(stream, lipsData->file_name, 8) == -1) return -1;
if (fileReadFixedLengthString(stream, lipsData->field_58, 4) == -1) return -1;
if (fileReadFixedLengthString(stream, lipsData->field_5C, 4) == -1) return -1;
if (fileReadFixedLengthString(stream, lipsData->field_60, 4) == -1) return -1;
@ -235,7 +236,7 @@ int lipsLoad(const char* audioFileName, const char* headFileName)
{
char* sep;
int i;
char v60[16];
char audioBaseName[16];
SpeechMarker* speech_marker;
SpeechMarker* prev_speech_marker;
@ -254,16 +255,16 @@ int lipsLoad(const char* audioFileName, const char* headFileName)
*sep = '\0';
}
strcpy(v60, audioFileName);
strcpy(audioBaseName, audioFileName);
sep = strchr(v60, '.');
sep = strchr(audioBaseName, '.');
if (sep != nullptr) {
*sep = '\0';
}
strcpy(gLipsData.field_50, v60);
strncpy(gLipsData.file_name, audioBaseName, sizeof(gLipsData.file_name));
strcat(path, _lips_fix_string(gLipsData.field_50, sizeof(gLipsData.field_50)));
strcat(path, lips_fix_string(gLipsData.file_name, sizeof(gLipsData.file_name)));
strcat(path, ".");
strcat(path, gLipsData.field_60);
@ -296,7 +297,7 @@ int lipsLoad(const char* audioFileName, const char* headFileName)
if (fileReadInt32(stream, &(gLipsData.field_24)) == -1) return -1;
if (fileReadInt32(stream, &(gLipsData.field_28)) == -1) return -1;
if (fileReadInt32(stream, &(gLipsData.field_2C)) == -1) return -1;
if (fileReadFixedLengthString(stream, gLipsData.field_50, 8) == -1) return -1;
if (fileReadFixedLengthString(stream, gLipsData.file_name, 8) == -1) return -1;
if (fileReadFixedLengthString(stream, gLipsData.field_58, 4) == -1) return -1;
} else {
debugPrint("\nError: Lips file WRONG version: %s!", path);
@ -405,7 +406,7 @@ static int _lips_make_speech()
}
char path[COMPAT_MAX_PATH];
char* v1 = _lips_fix_string(gLipsData.field_50, sizeof(gLipsData.field_50));
char* v1 = lips_fix_string(gLipsData.file_name, sizeof(gLipsData.file_name));
snprintf(path, sizeof(path), "%s%s\\%s.%s", "SOUND\\SPEECH\\", _lips_subdir_name, v1, "ACM");
if (gLipsData.sound != nullptr) {
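Review bot: In the lipsLoad hunk, `strcpy(audioBaseName, audioFileName);` is still an unbounded copy into a 16-byte stack buffer, so a caller-supplied name of 16 or more characters overruns it before the new `strncpy` into `file_name` can truncate anything. Bounding it with `snprintf(audioBaseName, sizeof(audioBaseName), "%s", audioFileName);` would close that path (snprintf is already used in `_lips_make_speech`). Separately, `lips_fix_string` writes `tmp_str[length] = '\0'` without checking `length` against the 50-byte buffer. Both visible callers pass 8, but a guard such as `if (length >= sizeof(tmp_str)) length = sizeof(tmp_str) - 1;` keeps the helper safe if a wider field is ever passed. The bodies of lipsLoad and `_lips_make_speech` continue outside the hunks shown, so the size of `path` used by the `strcat` calls could not be checked from here.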


@ -40,7 +40,7 @@ typedef struct LipsData {
int field_44;
int field_48;
int field_4C;
char field_50[8];
char file_name[8];
char field_58[4];
char field_5C[4];
char field_60[4];