X-Git-Url: http://git.xonotic.org/?a=blobdiff_plain;f=prvm_execprogram.h;h=ff5a94abf5845a834a3dbe539ca1b961bc36af10;hb=bcbb99559a7fb1ee350b45035f7132abb714a59e;hp=86596615c509f6269836acf8c6eb83dd192d88dd;hpb=1a8f5b21bbebfc69c168241a1393053ea17c7fca;p=xonotic%2Fdarkplaces.git
diff --git a/prvm_execprogram.h b/prvm_execprogram.h
index 86596615..ff5a94ab 100644
--- a/prvm_execprogram.h
+++ b/prvm_execprogram.h
@@ -3,7 +3,7 @@
 while (1)
 {
- st++; // TODO bounds check
+ st++;
 #if PRVMTRACE
 PRVM_PrintStatement(st);
@@ -82,13 +82,13 @@
 OPC->_float = OPA->_float < OPB->_float;
 break;
 case OP_AND:
- OPC->_float = OPA->_float && OPB->_float;
+ OPC->_float = FLOAT_IS_TRUE_FOR_INT(OPA->_int) && FLOAT_IS_TRUE_FOR_INT(OPB->_int); // TODO change this back to float, and add AND_I to be used by fteqcc for anything not a float
 break;
 case OP_OR:
- OPC->_float = OPA->_float || OPB->_float;
+ OPC->_float = FLOAT_IS_TRUE_FOR_INT(OPA->_int) || FLOAT_IS_TRUE_FOR_INT(OPB->_int); // TODO change this back to float, and add OR_I to be used by fteqcc for anything not a float
 break;
 case OP_NOT_F:
- OPC->_float = !OPA->_float;
+ OPC->_float = !FLOAT_IS_TRUE_FOR_INT(OPA->_int);
 break;
 case OP_NOT_V:
 OPC->_float = !OPA->vector[0] && !OPA->vector[1] && !OPA->vector[2];
@@ -153,7 +153,7 @@
 case OP_STOREP_S:
 case OP_STOREP_FNC: // pointers
 #if PRVMBOUNDSCHECK
- if (OPB->_int < 0 || OPB->_int + 4 > prog->edictareasize)
+ if (OPB->_int < 0 || OPB->_int + 1 > prog->entityfieldsarea)
 {
 prog->xfunction->profile += (st - startst);
 prog->xstatement = st - prog->statements;
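Review bot: Removing the `// TODO bounds check` on `st++` does not add the check it asked for: nothing in this loop stops `st` from walking past the end of `prog->statements` when a function's last statement is not OP_DONE or OP_RETURN, and the load-time validation the later hunks cite covers branch targets (`st->a`/`st->b`), not falling off the end of the statement array. If the loader does not already reject progs whose functions lack a terminating statement, either add that rejection there and say so in a comment here, or keep a cheap guard against the statement count at this increment. The `while (1)` body this belongs to continues far past the hunk.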
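Review bot: `OPB->_int + 1 > prog->entityfieldsarea` is a signed addition that overflows for `OPB->_int == INT_MAX`, which is undefined behaviour; in practice the compiler folds it to `OPB->_int >= prog->entityfieldsarea`, but the overflow-free idiom already used by OP_ADDRESS in this same diff is `if ((unsigned int)OPB->_int >= (unsigned int)prog->entityfieldsarea)`, and it subsumes the `< 0` test as well. The units of the check also change here from bytes (`+ 4`) to field slots (`+ 1`), which is only correct if `prog->entityfieldsarea` now counts slots to match the `prog->edictsfields + OPB->_int` arithmetic in the next hunk; that declaration is not in this diff. The error block this `if` opens continues in the next hunk.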
@@ -161,12 +161,14 @@
 goto cleanup;
 }
 #endif
- ptr = (prvm_eval_t *)((unsigned char *)prog->edictsfields + OPB->_int);
+ if (OPB->_int < prog->progs->entityfields && !prog->allowworldwrites)
+ Con_DPrintf("WARNING: assignment to world.%s (field %i) in %s\n", PRVM_GetString(PRVM_ED_FieldAtOfs(OPB->_int)->s_name), OPB->_int, PRVM_NAME);
+ ptr = (prvm_eval_t *)(prog->edictsfields + OPB->_int);
 ptr->_int = OPA->_int;
 break;
 case OP_STOREP_V:
 #if PRVMBOUNDSCHECK
- if (OPB->_int < 0 || OPB->_int + 12 > prog->edictareasize)
+ if (OPB->_int < 0 || OPB->_int + 3 > prog->entityfieldsarea)
 {
 prog->xfunction->profile += (st - startst);
 prog->xstatement = st - prog->statements;
@@ -174,7 +176,9 @@
 goto cleanup;
 }
 #endif
- ptr = (prvm_eval_t *)((unsigned char *)prog->edictsfields + OPB->_int);
+ if (OPB->_int < prog->progs->entityfields && !prog->allowworldwrites)
+ Con_DPrintf("WARNING: assignment to world.%s (field %i) in %s\n", PRVM_GetString(PRVM_ED_FieldAtOfs(OPB->_int)->s_name), OPB->_int, PRVM_NAME);
+ ptr = (prvm_eval_t *)(prog->edictsfields + OPB->_int);
 ptr->ivector[0] = OPA->ivector[0];
 ptr->ivector[1] = OPA->ivector[1];
 ptr->ivector[2] = OPA->ivector[2];
@@ -182,6 +186,13 @@
 case OP_ADDRESS:
 #if PRVMBOUNDSCHECK
+ if (OPA->edict < 0 || OPA->edict >= prog->max_edicts)
+ {
+ prog->xfunction->profile += (st - startst);
+ prog->xstatement = st - prog->statements;
+ PRVM_ERROR ("%s Progs attempted to address an out of bounds edict number", PRVM_NAME);
+ goto cleanup;
+ }
 if ((unsigned int)(OPB->_int) >= (unsigned int)(prog->progs->entityfields))
 {
 prog->xfunction->profile += (st - startst);
@@ -190,6 +201,7 @@
 goto cleanup;
 }
 #endif
+#if 0
 if (OPA->edict == 0 && !prog->allowworldwrites)
 {
 prog->xfunction->profile += (st - startst);
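Review bot: `PRVM_ED_FieldAtOfs(OPB->_int)->s_name` in the new warning is dereferenced with no NULL check; if that lookup can return NULL for an offset that has no matching field definition (its Quake ancestor ED_FieldAtOfs does), a progs writing to such a world field now crashes inside a diagnostic instead of merely being warned about. Bind the result to a local first and print `def ? PRVM_GetString(def->s_name) : "<unknown>"` so the warning degrades instead of faulting. The identical line is repeated verbatim for OP_STOREP_V in the next hunk and would want the same treatment (or a small shared helper), and the `OPB->_int + 3 > prog->entityfieldsarea` test below has the same signed-overflow shape as the `+ 1` test in the preceding hunk.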
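Review bot: The new edict guard `OPA->edict < 0 || OPA->edict >= prog->max_edicts` sits directly above the field guard written as `(unsigned int)(OPB->_int) >= (unsigned int)(prog->progs->entityfields)`; two idioms for the same job in adjacent lines read as if they differed in intent. Writing the new one as `if ((unsigned int)OPA->edict >= (unsigned int)prog->max_edicts)` matches its neighbour and drops the separate sign test. Whether an allocated-but-unused edict slot below `max_edicts` should also be refused is a policy question for the loader; it is memory-safe only if the edict array is really sized to `max_edicts`, which this file cannot show. The `#if PRVMBOUNDSCHECK` region continues past the hunk.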
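Review bot: `#if 0` here disables the hard `PRVM_ERROR` for OP_ADDRESS on the world entity, so with `allowworldwrites` unset a write through a world field now only produces the `Con_DPrintf` added to the OP_STOREP_* cases, and only when developer output is on; that is a deliberate relaxation of what untrusted progs may do and deserves a one-line reason next to the directive, e.g. `// disabled: world writes are tolerated and reported by OP_STOREP_* instead`. Code parked under `#if 0` tends to rot, so if the old behaviour is not coming back the block should be deleted rather than kept. The disabled block and its matching `#endif` close in the next hunk.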
@@ -197,8 +209,9 @@
 PRVM_ERROR("forbidden assignment to null/world entity in %s", PRVM_NAME);
 goto cleanup;
 }
+#endif
 ed = PRVM_PROG_TO_EDICT(OPA->edict);
- OPC->_int = (unsigned char *)((int *)ed->fields.vp + OPB->_int) - (unsigned char *)prog->edictsfields;
+ OPC->_int = ed->fields.vp - prog->edictsfields + OPB->_int;
 break;
 case OP_LOAD_F:
@@ -207,6 +220,13 @@
 case OP_LOAD_S:
 case OP_LOAD_FNC:
 #if PRVMBOUNDSCHECK
+ if (OPA->edict < 0 || OPA->edict >= prog->max_edicts)
+ {
+ prog->xfunction->profile += (st - startst);
+ prog->xstatement = st - prog->statements;
+ PRVM_ERROR ("%s Progs attempted to read an out of bounds edict number", PRVM_NAME);
+ goto cleanup;
+ }
 if ((unsigned int)(OPB->_int) >= (unsigned int)(prog->progs->entityfields))
 {
 prog->xfunction->profile += (st - startst);
@@ -215,12 +235,19 @@
 goto cleanup;
 }
 #endif
- ed = PRVM_PROG_TO_EDICT(OPA->edict); // TODO bounds check entity number
+ ed = PRVM_PROG_TO_EDICT(OPA->edict);
 OPC->_int = ((prvm_eval_t *)((int *)ed->fields.vp + OPB->_int))->_int;
 break;
 case OP_LOAD_V:
 #if PRVMBOUNDSCHECK
+ if (OPA->edict < 0 || OPA->edict >= prog->max_edicts)
+ {
+ prog->xfunction->profile += (st - startst);
+ prog->xstatement = st - prog->statements;
+ PRVM_ERROR ("%s Progs attempted to read an out of bounds edict number", PRVM_NAME);
+ goto cleanup;
+ }
 if (OPB->_int < 0 || OPB->_int + 2 >= prog->progs->entityfields)
 {
 prog->xfunction->profile += (st - startst);
@@ -229,7 +256,7 @@
 goto cleanup;
 }
 #endif
- ed = PRVM_PROG_TO_EDICT(OPA->edict); // TODO bounds check entity number
+ ed = PRVM_PROG_TO_EDICT(OPA->edict);
 OPC->ivector[0] = ((prvm_eval_t *)((int *)ed->fields.vp + OPB->_int))->ivector[0];
 OPC->ivector[1] = ((prvm_eval_t *)((int *)ed->fields.vp + OPB->_int))->ivector[1];
 OPC->ivector[2] = ((prvm_eval_t *)((int *)ed->fields.vp + OPB->_int))->ivector[2];
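Review bot: `OPC->_int = ed->fields.vp - prog->edictsfields + OPB->_int;` now yields the offset in units of whatever element type `fields.vp` and `edictsfields` are declared with, and that must be the same 4-byte slot the consumers assume (`(int *)ed->fields.vp + OPB->_int` two hunks below, `prog->edictsfields + OPB->_int` in OP_STOREP_*); if either pointer is still `void *`, GCC's extension makes the difference a byte count and OP_ADDRESS results would no longer match what OP_STOREP_* expects. Those declarations are not in this diff, so this is worth confirming; a comment such as `// field index, not a byte offset: edictsfields is indexed in 4-byte slots` on this line would pin the contract either way. The preceding `#endif` closes an `#if 0` opened in the previous hunk.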
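Review bot: The new edict-number check guards an index that comes straight from the bytecode, yet it is compiled only under `#if PRVMBOUNDSCHECK`, so a build with that macro off hands `PRVM_PROG_TO_EDICT(OPA->edict)` any 32-bit value the progs supplies. Either this check (and the CALL check later in the diff) should sit outside the conditional, or the header should state that PRVMBOUNDSCHECK must stay defined whenever progs from an untrusted source can be loaded; a comment such as `// PRVMBOUNDSCHECK must stay on for untrusted progs: OPA->edict and OPB->_int are bytecode-controlled` at the `#if` would at least make the dependency explicit. The `#if` block continues past the hunk.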
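Review bot: The seven-line out-of-bounds-edict block added to OP_LOAD_V is the third verbatim copy in this diff (OP_ADDRESS and OP_LOAD_F..FNC carry the others), differing only in the verb of the message; a single macro keeps the profile/xstatement bookkeeping and the comparison in one place and can use the overflow-free unsigned compare that OP_ADDRESS's field check already uses. Each copy would then collapse to `PRVM_CHECK_EDICT_INDEX(OPA->edict, "read");`. OP_LOAD_V's `#if PRVMBOUNDSCHECK` region continues into the next hunk.
```c
#define PRVM_CHECK_EDICT_INDEX(e, verb) \
	do { \
		if ((unsigned int)(e) >= (unsigned int)prog->max_edicts) \
		{ \
			prog->xfunction->profile += (st - startst); \
			prog->xstatement = st - prog->statements; \
			PRVM_ERROR("%s Progs attempted to " verb " an out of bounds edict number", PRVM_NAME); \
			goto cleanup; \
		} \
	} while (0)
```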
@@ -238,19 +265,20 @@
 //==================
 case OP_IFNOT:
- if (!OPA->_float)
- // TODO add an "int-ifnot"
+ if(!FLOAT_IS_TRUE_FOR_INT(OPA->_int))
+ // TODO add an "int-if", and change this one to OPA->_float
 // although mostly unneeded, thanks to the only float being false being 0x0 and 0x80000000 (negative zero)
 // and entity, string, field values can never have that value
 {
 prog->xfunction->profile += (st - startst);
 st += st->b - 1; // offset the s++
 startst = st;
+ // no bounds check needed, it is done when loading progs
 #if PRVMRUNAWAYCHECK
 if (++jumpcount == 10000000)
 {
 prog->xstatement = st - prog->statements;
- PRVM_Profile(1<<30, 1000000);
+ PRVM_Profile(1<<30, 1000000, 0);
 PRVM_ERROR("%s runaway loop counter hit limit of %d jumps\ntip: read above for list of most-executed functions", PRVM_NAME, jumpcount);
 }
 #endif
@@ -258,19 +286,20 @@
 break;
 case OP_IF:
- if (OPA->_float)
- // TODO add an "int-if"
+ if(FLOAT_IS_TRUE_FOR_INT(OPA->_int))
+ // TODO add an "int-if", and change this one, as well as the FLOAT_IS_TRUE_FOR_INT usages, to OPA->_float
 // although mostly unneeded, thanks to the only float being false being 0x0 and 0x80000000 (negative zero)
 // and entity, string, field values can never have that value
 {
 prog->xfunction->profile += (st - startst);
 st += st->b - 1; // offset the s++
 startst = st;
+ // no bounds check needed, it is done when loading progs
 #if PRVMRUNAWAYCHECK
 if (++jumpcount == 10000000)
 {
 prog->xstatement = st - prog->statements;
- PRVM_Profile(1<<30, 1000000);
+ PRVM_Profile(1<<30, 1000000, 0);
 PRVM_ERROR("%s runaway loop counter hit limit of %d jumps\ntip: read above for list of most-executed functions", PRVM_NAME, jumpcount);
 }
 #endif
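Review bot: `// no bounds check needed, it is done when loading progs` records an invariant this file cannot see, so the next reader has no way to find it or to notice if the loader stops range-checking `st->b`; the comment should name what was checked and against what, e.g. `// st->b was validated against the statement count by the progs loader; this jump is not re-checked here`. `FLOAT_IS_TRUE_FOR_INT` is likewise not defined in this diff, and the two comment lines kept below the new condition only hold if that macro treats 0x80000000 (negative zero) as false. The `if` block opened here closes after the hunk.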
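Review bot: `PRVM_Profile(1<<30, 1000000, 0)` gains a third argument passed as a bare `0` at all three call sites in this diff, and nothing here says what it selects; a trailing comment stating the parameter's meaning, taken from PRVM_Profile's prototype, would stop the literal being copied blindly the next time a call is added. The new TODO also now exists in four variants across OP_AND, OP_OR, OP_IFNOT and OP_IF; one TODO at the macro definition would be easier to retire than four. OP_IF's block closes after the hunk.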
@@ -281,11 +310,12 @@
 prog->xfunction->profile += (st - startst);
 st += st->a - 1; // offset the s++
 startst = st;
+ // no bounds check needed, it is done when loading progs
 #if PRVMRUNAWAYCHECK
 if (++jumpcount == 10000000)
 {
 prog->xstatement = st - prog->statements;
- PRVM_Profile(1<<30, 1000000);
+ PRVM_Profile(1<<30, 1000000, 0);
 PRVM_ERROR("%s runaway loop counter hit limit of %d jumps\ntip: read above for list of most-executed functions", PRVM_NAME, jumpcount);
 }
 #endif
@@ -306,7 +336,18 @@
 prog->argc = st->op - OP_CALL0;
 if (!OPA->function)
 PRVM_ERROR("NULL function in %s", PRVM_NAME);
- newf = &prog->functions[OPA->function]; // TODO bounds check function
+
+#if PRVMBOUNDSCHECK
+ if(!OPA->function || OPA->function >= (unsigned int)prog->progs->numfunctions)
+ {
+ prog->xfunction->profile += (st - startst);
+ prog->xstatement = st - prog->statements; // we better stay on the previously executed statement
+ PRVM_ERROR("%s CALL outside the program", PRVM_NAME);
+ goto cleanup;
+ }
+#endif
+
+ newf = &prog->functions[OPA->function];
 newf->callcount++;
 if (newf->first_statement < 0)
@@ -520,12 +561,12 @@
 goto cleanup;
 }
 #endif
- ptr = (prvm_eval_t *)((unsigned char *)prog->edictsfields + OPB->_int);
+ ptr = (prvm_eval_t *)(prog->edictsfields + OPB->_int);
 ptr->_int = OPA->_int;
 break;
 case OP_LOAD_I:
 #if PRBOUNDSCHECK
- if (OPA->edict < 0 || OPA->edict >= pr_edictareasize)
+ if (OPA->edict < 0 || OPA->edict >= prog->max_edicts)
 {
 prog->xfunction->profile += (st - startst);
 prog->xstatement = st - prog->statements;
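Review bot: The new range check is under `#if PRVMBOUNDSCHECK`, while the pre-existing `if (!OPA->function) PRVM_ERROR(...)` just above it is unconditional and does not `goto cleanup`, so the two overlap on the NULL case and differ on the out-of-range case; the function index is bytecode-controlled, so `OPA->function >= (unsigned int)prog->progs->numfunctions` is the test that matters and it is the one that can be compiled out. Suggest making the combined test unconditional and dropping the older two-line check: `if (!OPA->function || OPA->function >= (unsigned int)prog->progs->numfunctions)` followed by the existing error block, with no `#if` around it. The comparison relies on `OPA->function` converting to unsigned so that negative values are caught, which is fine but worth a short comment. The call handling continues after the hunk.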
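Review bot: The corrected OP_LOAD_I check (`prog->max_edicts` instead of `pr_edictareasize`) sits under `#if PRBOUNDSCHECK` (the context line just above it), not `PRVMBOUNDSCHECK` like every other guard in this diff; unless PRBOUNDSCHECK is defined somewhere, the check is compiled out and the fix never runs, and the old reference to a `pr_` global suggests this block has not been compiled in a long time. Suggest `#if PRVMBOUNDSCHECK` here, after which the build will show whether the rest of the block still compiles. The bounds check preceding the changed `ptr =` line of the store case belongs to lines outside the hunk, so whether it was converted from byte units to slot units like the others cannot be seen here.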