From eefeb5cd0b6a5f0d0191db7116a5c648e9878e74 Mon Sep 17 00:00:00 2001 From: Lioncash Date: Thu, 23 Apr 2020 03:00:38 -0400 Subject: [PATCH] CGameArea: Remove undefined behavior type-punning in a few functions We can make use of std::memcpy here to get around this. --- Runtime/World/CGameArea.cpp | 42 +++++++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/Runtime/World/CGameArea.cpp b/Runtime/World/CGameArea.cpp index 5e18b4975..c1853ca56 100644 --- a/Runtime/World/CGameArea.cpp +++ b/Runtime/World/CGameArea.cpp @@ -1,6 +1,7 @@ #include "Runtime/World/CGameArea.hpp" #include +#include #include "Runtime/CGameState.hpp" #include "Runtime/CSimplePool.hpp" @@ -247,22 +248,27 @@ static std::vector ReadDependencyList(CInputStream& in) { } std::pair, s32> GetScriptingMemoryAlways(const IGameArea& area) { - SObjectTag tag = {SBIG('MREA'), area.IGetAreaAssetId()}; + const SObjectTag tag = {SBIG('MREA'), area.IGetAreaAssetId()}; std::unique_ptr data = g_ResFactory->LoadNewResourcePartSync(tag, 0, 96); - if (*reinterpret_cast(data.get()) != SBIG(0xDEADBEEF)) + u32 magic{}; + std::memcpy(&magic, data.get(), sizeof(u32)); + if (magic != SBIG(0xDEADBEEF)) { return {}; + } - SMREAHeader header; CMemoryInStream r(data.get() + 4, 96 - 4); u32 version = r.readUint32Big(); - if (!(version & 0x10000)) + if ((version & 0x10000) == 0) { Log.report(logvisor::Fatal, FMT_STRING("Attempted to load non-URDE MREA")); - + } version &= ~0x10000; + + SMREAHeader header; header.version = (version >= 12 && version <= 15) ? version : 0; - if (!header.version) + if (!header.version) { return {}; + } header.xf.read34RowMajor(r); header.modelCount = r.readUint32Big(); @@ -743,7 +749,9 @@ bool CGameArea::StartStreamingMainArea() { void CGameArea::ReloadAllUnloadedTextures() {} u32 CGameArea::GetNumPartSizes() const { - return hecl::SBig(*reinterpret_cast(x110_mreaSecBufs[0].first.get() + 60)); + u32 value{}; + std::memcpy(&value, x110_mreaSecBufs[0].first.get() + 60, sizeof(u32)); + return hecl::SBig(value); } void CGameArea::AllocNewAreaData(int offset, int size) { @@ -1135,20 +1143,28 @@ void CGameArea::ClearTokenList() { u32 CGameArea::GetPreConstructedSize() const { return 0; } SMREAHeader CGameArea::VerifyHeader() const { - if (x110_mreaSecBufs.empty()) - return {}; - if (*reinterpret_cast(x110_mreaSecBufs[0].first.get()) != SBIG(0xDEADBEEF)) + if (x110_mreaSecBufs.empty()) { return {}; + } + + u32 magic{}; + std::memcpy(&magic, x110_mreaSecBufs[0].first.get(), sizeof(u32)); + if (magic != SBIG(0xDEADBEEF)) { + return {}; + } - SMREAHeader header; CMemoryInStream r(x110_mreaSecBufs[0].first.get() + 4, x110_mreaSecBufs[0].second - 4); u32 version = r.readUint32Big(); - if (!(version & 0x10000)) + if ((version & 0x10000) == 0) { Log.report(logvisor::Fatal, FMT_STRING("Attempted to load non-URDE MREA")); + } version &= ~0x10000; + + SMREAHeader header; header.version = (version >= 12 && version <= 15) ? version : 0; - if (!header.version) + if (!header.version) { return {}; + } header.xf.read34RowMajor(r); header.modelCount = r.readUint32Big();