fix out of bounds read
This commit is contained in:
parent
1d8e302c13
commit
e311eea1c5
|
@ -638,6 +638,7 @@ void MapVRAM_CD(u32 bank, u8 cnt)
|
|||
case 2: // ARM7 VRAM
|
||||
ofs &= 0x1;
|
||||
VRAMMap_ARM7[ofs] |= bankmask;
|
||||
memset(VRAMDirty[bank].Data, 0xFF, sizeof(VRAMDirty[bank].Data));
|
||||
VRAMSTAT |= (1 << (bank-2));
|
||||
break;
|
||||
|
||||
|
@ -1177,6 +1178,7 @@ NonStupidBitField<Size/VRAMDirtyGranularity> VRAMTrackingSet<Size, MappingGranul
|
|||
{
|
||||
if (currentMappings[i] != Mapping[i])
|
||||
{
|
||||
printf("remapped %x %x\n", currentMappings[i], Mapping[i]);
|
||||
result |= NonStupidBitField<Size/VRAMDirtyGranularity>(i*VRAMBitsPerMapping, VRAMBitsPerMapping);
|
||||
banksToBeZeroed |= currentMappings[i];
|
||||
Mapping[i] = currentMappings[i];
|
||||
|
@ -1265,7 +1267,6 @@ void SyncDirtyFlags()
|
|||
SyncDirtyFlags(VRAMMap_AOBJ, VRAMWritten_AOBJ);
|
||||
SyncDirtyFlags(VRAMMap_BBG, VRAMWritten_BBG);
|
||||
SyncDirtyFlags(VRAMMap_BOBJ, VRAMWritten_BOBJ);
|
||||
SyncDirtyFlags(VRAMMap_ARM7, VRAMWritten_ARM7);
|
||||
}
|
||||
|
||||
template <u32 MappingGranularity, u32 Size>
|
||||
|
|
|
@ -80,7 +80,6 @@ extern NonStupidBitField<512*1024/VRAMDirtyGranularity> VRAMWritten_ABG;
|
|||
extern NonStupidBitField<256*1024/VRAMDirtyGranularity> VRAMWritten_AOBJ;
|
||||
extern NonStupidBitField<128*1024/VRAMDirtyGranularity> VRAMWritten_BBG;
|
||||
extern NonStupidBitField<128*1024/VRAMDirtyGranularity> VRAMWritten_BOBJ;
|
||||
extern NonStupidBitField<256*1024/VRAMDirtyGranularity> VRAMWritten_ARM7;
|
||||
|
||||
extern NonStupidBitField<128*1024/VRAMDirtyGranularity> VRAMDirty[9];
|
||||
|
||||
|
@ -458,8 +457,6 @@ void WriteVRAM_ARM7(u32 addr, T val)
|
|||
{
|
||||
u32 mask = VRAMMap_ARM7[(addr >> 17) & 0x1];
|
||||
|
||||
VRAMWritten_ARM7[(addr & 0x1FFFF) / VRAMDirtyGranularity] = true;
|
||||
|
||||
if (mask & (1<<2)) *(T*)&VRAM_C[addr & 0x1FFFF] = val;
|
||||
if (mask & (1<<3)) *(T*)&VRAM_D[addr & 0x1FFFF] = val;
|
||||
}
|
||||
|
|
|
@ -51,9 +51,14 @@ struct NonStupidBitField
|
|||
template <typename T>
|
||||
void Next()
|
||||
{
|
||||
while (RemainingBits == 0 && DataIdx < DataLength)
|
||||
if (DataIdx >= DataLength)
|
||||
return;
|
||||
|
||||
while (RemainingBits == 0)
|
||||
{
|
||||
DataIdx += sizeof(T);
|
||||
if (DataIdx >= DataLength)
|
||||
return;
|
||||
RemainingBits = *(T*)&BitField.Data[DataIdx];
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue