simon-git: puzzles (main): Ben Harris
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sun Feb 5 21:00:33 GMT 2023
TL;DR:
c0e08f3 Limit width and height to SHRT_MAX in Mines
49841bd Mines: Add assertions to range-check conversions to short
Repository: https://git.tartarus.org/simon/puzzles.git
On the web: https://git.tartarus.org/?p=simon/puzzles.git
Branch updated: main
Committer: Ben Harris <bjh21 at bjh21.me.uk>
Date: 2023-02-05 21:00:33
commit c0e08f308792b15425e10ad494263d77a45ad92d
web diff https://git.tartarus.org/?p=simon/puzzles.git;a=commitdiff;h=c0e08f308792b15425e10ad494263d77a45ad92d;hp=ae73ad76ef95f0e40868436cb750126322051dd0
Author: Ben Harris <bjh21 at bjh21.me.uk>
Date: Sat Jan 28 22:27:21 2023 +0000
Limit width and height to SHRT_MAX in Mines
Mines' "struct set" stores co-ordinates within the grid in a pair of
shorts, which leads to very bad behaviour (including heap-based buffer
overruns) if the grid is bigger than SHRT_MAX in either dimension. So
now we don't allow that.
The overrun can be demonstrated by loading this save file, though the
precise crash is quite variable. In particular, you seem to get
better crashes if the file doesn't have a trailing newline.
SAVEFILE:41:Simon Tatham's Portable Puzzle Collection
PARAMS :5:06000
CPARAMS :7:6x60000
NSTATES :1:3
STATEPOS:1:2
MOVE :5:C0,00
GAME :5:Mines
DESC :22:r8,u,00000000000000000
MOVE ::
mines.c | 2 ++
1 file changed, 2 insertions(+)
commit 49841bd0fc04490d94cf32c0e6f9d3f4ffabe098
web diff https://git.tartarus.org/?p=simon/puzzles.git;a=commitdiff;h=49841bd0fc04490d94cf32c0e6f9d3f4ffabe098;hp=c0e08f308792b15425e10ad494263d77a45ad92d
Author: Ben Harris <bjh21 at bjh21.me.uk>
Date: Tue Jan 31 21:08:05 2023 +0000
Mines: Add assertions to range-check conversions to short
I think these should be adequately guarded by the new restrictions on
grid size, but I'd prefer to be sure.
mines.c | 4 ++++
1 file changed, 4 insertions(+)
More information about the tartarus-commits
mailing list