From 25b0870ed49bfc97221dea9bc06c4ececc394218 Mon Sep 17 00:00:00 2001
From: Jeffrey Lee <jlee@gitlab.riscosopen.org>
Date: Sat, 25 Jun 2011 23:02:08 +0000
Subject: [PATCH] Make SpriteExtend perform sanity checks on sprite/area
pointers
Detail:
Sources/SprExtend - Added new CheckAlignedAndSensible macro to make it easy to check pointers. Pointers which aren't word aligned or are less than 256 are considered bad.
Sources/SprOp - Update findsprite, getspritename and getspriteaddr to check sprite/area/name pointers for validity. Sprite names are the only ones that are allowed to not be word aligned.
Admin:
Tested on rev A2 BB-xM.
Version 1.43. Tagged as 'SprExtend-1_43'
---
Sources/SprExtend | 9 +++++++++
Sources/SprOp | 28 ++++++++++++++++++++++------
VersionASM | 12 ++++++------
VersionNum | 20 ++++++++++----------
4 files changed, 47 insertions(+), 22 deletions(-)
diff --git a/Sources/SprExtend b/Sources/SprExtend
index dab2e45..5c8fcf1 100644
--- a/Sources/SprExtend
+++ b/Sources/SprExtend
@@ -257,6 +257,15 @@ $l LDR $temp, [$sprite, #$offset]
BHI %F99 ; out of range
MEND
+ MACRO
+$l CheckAlignedAndSensible $addr,$failed
+$l TST $addr, #3 ; word aligned?
+ BNE $failed
+ CMP $addr, #256 ; outside processor vectors?
+ BLO $failed
+ MEND
+
+
; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
; Data areas & register allocation
; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/Sources/SprOp b/Sources/SprOp
index fadbcc3..13e2d9c 100644
--- a/Sources/SprOp
+++ b/Sources/SprOp
@@ -1042,6 +1042,12 @@ getspritename
ADRL R3,spritename
ADD R4,R3,#12
+
+ CMP R2,#256 ; sensible name ptr?
+ BHS %FT01
+ ADR R0,ErrorBlock_BadAddress
+ BL copy_error_one
+ B %FT99
01
LDRB R0,[R2],#1
CMP R0,#" " ; ignore control characters and <space> too!
@@ -1056,7 +1062,7 @@ getspritename
CMP R3,R4 ; pad with nulls
STRCCB R0,[R3],#1
BCC %BT03
-99
+99
STRVS R0,[R13]
Pull "R0-R1,R3-R4,PC"
MakeSpriteErrorBlock NoWorkSpace,,NoWork
@@ -1076,14 +1082,17 @@ getspriteaddr
ADREQ R0, ErrorBlock_NoWorkSpace ; can't do anything with this!
addr r1, Title, EQ
BLEQ copy_error_one ; Always sets the V bit
- BVS %FT99
+ BVS %FT98
MOV R1,R0 ; R1 -> system sprite area
STR R1,[sp] ; return for AppendSprite
+ B %FT01
00
+ CheckAlignedAndSensible R1,%F99
TEQ R14,#&200 ; R2 --> sprite already
- BEQ %FT99
+ BEQ %FT97
+01
ADRL R14,spritename
LDMIA R14,{R3,R4,R5}
@@ -1101,7 +1110,7 @@ getspriteaddr
]
BLCS get_sprite_doesnt_exist_error ; r0-> error block, V set
- BVS %FT99
+ BVS %FT98
LDMIA R2,{R1,R6,R7,R8} ; get link plus name
TEQ R6,R3
@@ -1109,9 +1118,17 @@ getspriteaddr
TEQEQ R8,R5
ADDNE R2,R2,R1
BNE %BT04
+97
+ CheckAlignedAndSensible R2,%F99
+98
+ Pull "R1,R3-R9,PC"
99
+ ADR R0,ErrorBlock_BadAddress
+ BL copy_error_one
Pull "R1,R3-R9,PC"
+ MakeErrorBlock BadAddress
+
; makepalette16bpp
; convert palette to 16bpp for output to 16bpp mode plotting directly from palette
; if this is not done, the spriteextend blitter will run out of registers!
@@ -2889,8 +2906,7 @@ Go_CheckSpriteArea
Push "r1-r5, lr" ; 6 regs + r0/r10/r11 to mess with, total 9
- TST r1, #3 ; at least need an aligned area to start with
- BNE %FT99
+ CheckAlignedAndSensible r1,%F99 ; at least need an aligned area to start with
ASSERT SpriteAreaCBsize = (4 * 4)
LDMIA r1, {r2-r5}
diff --git a/VersionASM b/VersionASM
index ca35831..53ac122 100644
--- a/VersionASM
+++ b/VersionASM
@@ -11,13 +11,13 @@
GBLS Module_HelpVersion
GBLS Module_ComponentName
GBLS Module_ComponentPath
-Module_MajorVersion SETS "1.42"
-Module_Version SETA 142
+Module_MajorVersion SETS "1.43"
+Module_Version SETA 143
Module_MinorVersion SETS ""
-Module_Date SETS "14 Apr 2011"
-Module_ApplicationDate SETS "14-Apr-11"
+Module_Date SETS "25 Jun 2011"
+Module_ApplicationDate SETS "25-Jun-11"
Module_ComponentName SETS "SprExtend"
Module_ComponentPath SETS "mixed/RiscOS/Sources/Video/Render/SprExtend"
-Module_FullVersion SETS "1.42"
-Module_HelpVersion SETS "1.42 (14 Apr 2011)"
+Module_FullVersion SETS "1.43"
+Module_HelpVersion SETS "1.43 (25 Jun 2011)"
END
diff --git a/VersionNum b/VersionNum
index 2902fea..e99c764 100644
--- a/VersionNum
+++ b/VersionNum
@@ -1,23 +1,23 @@
-/* (1.42)
+/* (1.43)
*
* This file is automatically maintained by srccommit, do not edit manually.
* Last processed by srccommit version: 1.1.
*
*/
-#define Module_MajorVersion_CMHG 1.42
+#define Module_MajorVersion_CMHG 1.43
#define Module_MinorVersion_CMHG
-#define Module_Date_CMHG 14 Apr 2011
+#define Module_Date_CMHG 25 Jun 2011
-#define Module_MajorVersion "1.42"
-#define Module_Version 142
+#define Module_MajorVersion "1.43"
+#define Module_Version 143
#define Module_MinorVersion ""
-#define Module_Date "14 Apr 2011"
+#define Module_Date "25 Jun 2011"
-#define Module_ApplicationDate "14-Apr-11"
+#define Module_ApplicationDate "25-Jun-11"
#define Module_ComponentName "SprExtend"
#define Module_ComponentPath "mixed/RiscOS/Sources/Video/Render/SprExtend"
-#define Module_FullVersion "1.42"
-#define Module_HelpVersion "1.42 (14 Apr 2011)"
-#define Module_LibraryVersionInfo "1:42"
+#define Module_FullVersion "1.43"
+#define Module_HelpVersion "1.43 (25 Jun 2011)"
+#define Module_LibraryVersionInfo "1:43"
--
GitLab