OU/CWE-ou-minkata
2
3
Fork 0
mirror of https://foundry.openuru.org/gitblit/r/CWE-ou-minkata.git synced 2025-07-14 02:27:40 -04:00
Code Releases Activity

Fix wild access to font structures when rendering non-ascii unicode characters.

Browse Source
This commit is contained in:
rarified
2021-09-10 10:25:22 -06:00
parent 4329212d98
commit ed516b6508
1 changed files with 41 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
Sources/Plasma/PubUtilLib/plGImage/plFont.cpp
View File

@ -288,7 +288,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
if( justCalc ) if( justCalc )
{ {
plCharacter &ch = fCharacters[ (UInt16)string[ 0 ] - fFirstChar ]; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[0] - fFirstChar)) {
UInt16 w = wctob((UInt16)string[0]);
if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[0] - fFirstChar;
}
plCharacter &ch = fCharacters[ixFC];
fRenderInfo.fX = fRenderInfo.fFarthestX = x - (Int16)ch.fLeftKern; fRenderInfo.fX = fRenderInfo.fFarthestX = x - (Int16)ch.fLeftKern;
if( fRenderInfo.fX < 0 ) if( fRenderInfo.fX < 0 )
fRenderInfo.fX = 0; fRenderInfo.fX = 0;
@ -387,7 +396,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
// Just calculating, no wrapping, so the max is as far as we can go // Just calculating, no wrapping, so the max is as far as we can go
// Note: 32767 isn't quite right, since we'll be adding the left kern in before we // Note: 32767 isn't quite right, since we'll be adding the left kern in before we
// calc the first character, so adjust so we make sure we don't underflow // calc the first character, so adjust so we make sure we don't underflow
plCharacter &ch = fCharacters[ (UInt16)(UInt8)string[ 0 ] - fFirstChar ]; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[0] - fFirstChar)) {
UInt16 w = wctob((UInt16)string[0]);
if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[0] - fFirstChar;
}
plCharacter &ch = fCharacters[ixFC];
fRenderInfo.fMaxHeight = (Int16)fMaxCharHeight; fRenderInfo.fMaxHeight = (Int16)fMaxCharHeight;
fRenderInfo.fMaxWidth = (Int16)32767 + (Int16)ch.fLeftKern; fRenderInfo.fMaxWidth = (Int16)32767 + (Int16)ch.fLeftKern;
@ -451,11 +469,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
} }
// handle invalid chars discretely // handle invalid chars discretely
plCharacter* charToDraw = NULL; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[i] - fFirstChar)) if (fCharacters.Count() <= ((UInt16)string[i] - fFirstChar)) {
charToDraw = &(fCharacters[(UInt16)L' ' - fFirstChar]); UInt16 w = wctob((UInt16)string[i]);
else if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
charToDraw = &(fCharacters[(UInt16)string[i] - fFirstChar]); ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[i] - fFirstChar;
}
plCharacter* charToDraw = &(fCharacters[ixFC]);
Int16 leftKern = (Int16)charToDraw->fLeftKern; Int16 leftKern = (Int16)charToDraw->fLeftKern;
if( fRenderInfo.fFlags & kRenderScaleAA ) if( fRenderInfo.fFlags & kRenderScaleAA )
@ -584,8 +607,17 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
else if( ( fRenderInfo.fFlags & kRenderJustXMask ) == kRenderJustXForceLeft ) else if( ( fRenderInfo.fFlags & kRenderJustXMask ) == kRenderJustXForceLeft )
{ {
Int16 baseX = fRenderInfo.fX; Int16 baseX = fRenderInfo.fX;
plCharacter &ch = fCharacters[ (UInt16)string[ 0 ] - fFirstChar ]; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[0] - fFirstChar)) {
UInt16 w = wctob((UInt16)string[0]);
if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[0] - fFirstChar;
}
plCharacter &ch = fCharacters[ixFC];
fRenderInfo.fX -= (Int16)ch.fLeftKern; fRenderInfo.fX -= (Int16)ch.fLeftKern;
fRenderInfo.fDestPtr -= (Int16)ch.fLeftKern * fRenderInfo.fDestBPP; fRenderInfo.fDestPtr -= (Int16)ch.fLeftKern * fRenderInfo.fDestBPP;