From dee72e94302f1a0fec2be48ba807240b46fb48df Mon Sep 17 00:00:00 2001 From: Phillip Andrews Date: Tue, 21 May 2019 17:58:10 -0500 Subject: [PATCH] Make script literal lookup functions safer Assert isn't really the right way to range check these, since in theory we could have a malformed compiled script. This should make it safer with zero performance overhead. --- components/interpreter/runtime.cpp | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/components/interpreter/runtime.cpp b/components/interpreter/runtime.cpp index 6599882f1..a90bda94b 100644 --- a/components/interpreter/runtime.cpp +++ b/components/interpreter/runtime.cpp @@ -15,7 +15,8 @@ namespace Interpreter int Runtime::getIntegerLiteral (int index) const { - assert (index>=0 && index (mCode[1])); + if (index < 0 || index >= static_cast (mCode[1])) + throw std::out_of_range("out of range"); const Type_Code *literalBlock = mCode + 4 + mCode[0]; @@ -24,7 +25,8 @@ namespace Interpreter float Runtime::getFloatLiteral (int index) const { - assert (index>=0 && index (mCode[2])); + if (index < 0 || index >= static_cast (mCode[2])) + throw std::out_of_range("out of range"); const Type_Code *literalBlock = mCode + 4 + mCode[0] + mCode[1]; @@ -33,7 +35,8 @@ namespace Interpreter std::string Runtime::getStringLiteral (int index) const { - assert (index>=0 && static_cast (mCode[3])>0); + if (index < 0 || static_cast (mCode[3]) <= 0) + throw std::out_of_range("out of range"); const char *literalBlock = reinterpret_cast (mCode + 4 + mCode[0] + mCode[1] + mCode[2]); @@ -43,7 +46,8 @@ namespace Interpreter for (; index; --index) { offset += std::strlen (literalBlock+offset) + 1; - assert (offset/4 (mCode[3])); + if (offset / 4 >= static_cast (mCode[3])) + throw std::out_of_range("out of range"); } return literalBlock+offset;