dan
/
TIC-80-guile
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #342 from death/bounds-checking 

better bounds checking for memcpy, memset
This commit is contained in:
Vadim Grigoruk 2017-10-17 21:49:32 +03:00 committed by GitHub
parent 6f3b87b681 48f61d7b80
commit 2f99f85d34
3 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -8,7 +8,7 @@ Documentation is available in the [wiki](https://github.com/nesbox/tic.computer/
Thanks! Thanks!
# Building instructions # Build instructions
## Windows ## Windows
### with Visual Studio 2015 ### with Visual Studio 2015
@ -24,6 +24,10 @@ git clone https://github.com/nesbox/TIC-80
- open `TIC-80\build\windows\tic\tic.sln` and build - open `TIC-80\build\windows\tic\tic.sln` and build
- enjoy :) - enjoy :)
### with MinGW32
follow the instructions in the tutorial https://matheuslessarodrigues.github.io/tic80-build-tutorial/
made by [@matheuslessarodrigues](https://github.com/matheuslessarodrigues)
## Linux ## Linux
run the following commands in the Terminal run the following commands in the Terminal
``` ```
@ -32,3 +36,6 @@ git clone https://github.com/nesbox/TIC-80
cd TIC-80 cd TIC-80
make linux32 (or linux64/arm depending on your system) make linux32 (or linux64/arm depending on your system)
``` ```
## iOS / tvOS
You can find iOS/tvOS version here https://github.com/CliffsDover/TIC-80

7
src/jsapi.c
View File

@ -466,10 +466,9 @@ static duk_ret_t duk_memcpy(duk_context* duk)
s32 dest = duk_to_int(duk, 0); s32 dest = duk_to_int(duk, 0);
s32 src = duk_to_int(duk, 1); s32 src = duk_to_int(duk, 1);
s32 size = duk_to_int(duk, 2); s32 size = duk_to_int(duk, 2);
s32 dstBound = sizeof(tic_ram) - size; s32 bound = sizeof(tic_ram) - size;
s32 srcBound = sizeof(tic_mem) - size;
if(size > 0 && dest < dstBound && src < srcBound) if(size >= 0 && size <= sizeof(tic_ram) && dest >= 0 && src >= 0 && dest <= bound && src <= bound)
{ {
u8* base = (u8*)&getDukMachine(duk)->memory; u8* base = (u8*)&getDukMachine(duk)->memory;
memcpy(base + dest, base + src, size); memcpy(base + dest, base + src, size);
@ -485,7 +484,7 @@ static duk_ret_t duk_memset(duk_context* duk)
s32 size = duk_to_int(duk, 2); s32 size = duk_to_int(duk, 2);
s32 bound = sizeof(tic_ram) - size; s32 bound = sizeof(tic_ram) - size;
if(size > 0 && dest < bound) if(size >= 0 && size <= sizeof(tic_ram) && dest >= 0 && dest <= bound)
{ {
u8* base = (u8*)&getDukMachine(duk)->memory; u8* base = (u8*)&getDukMachine(duk)->memory;
memset(base + dest, value, size); memset(base + dest, value, size);

7
src/luaapi.c
View File

@ -759,10 +759,9 @@ static s32 lua_memcpy(lua_State* lua)
s32 dest = getLuaNumber(lua, 1); s32 dest = getLuaNumber(lua, 1);
s32 src = getLuaNumber(lua, 2); s32 src = getLuaNumber(lua, 2);
s32 size = getLuaNumber(lua, 3); s32 size = getLuaNumber(lua, 3);
s32 dstBound = sizeof(tic_ram) - size; s32 bound = sizeof(tic_ram) - size;
s32 srcBound = sizeof(tic_mem) - size;
if(dest < dstBound && src < srcBound) if(size >= 0 && size <= sizeof(tic_ram) && dest >= 0 && src >= 0 && dest <= bound && src <= bound)
{ {
u8* base = (u8*)&getLuaMachine(lua)->memory; u8* base = (u8*)&getLuaMachine(lua)->memory;
memcpy(base + dest, base + src, size); memcpy(base + dest, base + src, size);
@ -786,7 +785,7 @@ static s32 lua_memset(lua_State* lua)
s32 size = getLuaNumber(lua, 3); s32 size = getLuaNumber(lua, 3);
s32 bound = sizeof(tic_ram) - size; s32 bound = sizeof(tic_ram) - size;
if(dest < bound) if(size >= 0 && size <= sizeof(tic_ram) && dest >= 0 && dest <= bound)
{ {
u8* base = (u8*)&getLuaMachine(lua)->memory; u8* base = (u8*)&getLuaMachine(lua)->memory;
memset(base + dest, value, size); memset(base + dest, value, size);