# HG changeset patch # User Nomad # Date 1374160069 -7200 # Node ID 8d4ec56416efe726c710215f28824af81669ed24 # Parent 8ea496564034896b7720b97b8bdf94d18fb98e2b Fix to ticket #69 array_50A2B0 being accessed outside of bounds diff -r 8ea496564034 -r 8d4ec56416ef mm7_3.cpp --- a/mm7_3.cpp Thu Jul 18 16:51:35 2013 +0200 +++ b/mm7_3.cpp Thu Jul 18 17:07:49 2013 +0200 @@ -4440,7 +4440,7 @@ //----- (0047840D) -------------------------------------------------------- char Render::DrawBuildingsD3D() { - IndoorCameraD3D *v0; // eax@3 + //IndoorCameraD3D *v0; // eax@3 char result; // al@3 BSPModel *v2; // ebx@4 int v3; // eax@6 @@ -4471,9 +4471,9 @@ int v26; // eax@57 int v27; // eax@57 int v28; // eax@58 - int v29; // edx@58 - double v30; // st7@59 - LightmapBuilder *v31; // edi@63 + //int v29; // edx@58 + //double v30; // st7@59 + //LightmapBuilder *v31; // edi@63 signed int v32; // eax@73 int v33; // eax@78 unsigned int v34; // eax@80 @@ -4481,16 +4481,16 @@ int v36; // [sp-14h] [bp-6Ch]@69 RenderVertexSoft *v37; // [sp-10h] [bp-68h]@69 int v38; // [sp-Ch] [bp-64h]@69 - LightmapBuilder *v39; // [sp-8h] [bp-60h]@2 + //LightmapBuilder *v39; // [sp-8h] [bp-60h]@2 int v40; // [sp-4h] [bp-5Ch]@2 - std::string *v41; // [sp+Ch] [bp-4Ch]@2 + //std::string *v41; // [sp+Ch] [bp-4Ch]@2 int v41b; int v42; // [sp+10h] [bp-48h]@6 LightmapBuilder *pLightmapBuilder; // [sp+14h] [bp-44h]@8 float v44; // [sp+18h] [bp-40h]@10 float v45; // [sp+1Ch] [bp-3Ch]@10 ODMFace *v46; // [sp+20h] [bp-38h]@6 - IndoorCameraD3D *v47; // [sp+24h] [bp-34h]@3 + //IndoorCameraD3D *v47; // [sp+24h] [bp-34h]@3 unsigned int v48; // [sp+28h] [bp-30h]@8 int v49; // [sp+2Ch] [bp-2Ch]@10 int v50; // [sp+30h] [bp-28h]@34 @@ -4510,9 +4510,7 @@ } unused = 0; - v0 = pGame->pIndoorCameraD3D; a1 = 0; - v47 = v0; result = LOBYTE(pOutdoor->pBModels); v41b = pOutdoor->uNumBModels; if ( (signed int)pOutdoor->uNumBModels > 0 ) @@ -4691,7 +4689,7 @@ if ( *(float *)&pLightmapBuilder == v23->vWorldPosition.z ) ++v53; //v47->ViewTransform((RenderVertexSoft *)(v23 - 12), 1u); - v47->ViewTransform(v23, 1u); + pGame->pIndoorCameraD3D->ViewTransform(v23, 1u); if ( v23->vWorldViewPosition.x < 8.0 || (double)pOutdoorCamera->shading_dist_mist < v23->vWorldViewPosition.x ) { if ( v23->vWorldViewPosition.x >= 8.0 ) @@ -4701,7 +4699,7 @@ } else { - v47->Project(v23, 1u, 0); + pGame->pIndoorCameraD3D->Project(v23, 1u, 0); } ++v23;// += 48; --v51; @@ -4746,19 +4744,12 @@ v27 = 8 * (v25 | (v26 << 6)); LOBYTE(v27) = v27 | 6; v7->field_50 = v27; - if ( v18 > 0 ) + + for (v28 = 0; v28 < v18; ++v28) { - v28 = 0; - v29 = v18; - do - { - v30 = 1.0 / (array_73D150[v28].vWorldViewPosition.x + 0.0000001); memcpy(&array_50AC10[v28], &array_73D150[v28], sizeof(array_50AC10[v28])); - ++v28; - --v29; - array_50A2B0[v28 + 49]._rhw = v30; - } - while ( v29 ); + array_50AC10[v28]._rhw = 1.0 / (array_73D150[v28].vWorldViewPosition.x + 0.0000001); + pFace = v46; } @@ -4774,20 +4765,18 @@ }*/ v40 = (int)pFace; - pLightmapBuilder = pGame->pLightmapBuilder; - v31 = pLightmapBuilder; - pLightmapBuilder->ApplyLights_OutdoorFace(pFace); + pGame->pLightmapBuilder->ApplyLights_OutdoorFace(pFace); pDecalBuilder->ApplyDecals_OutdoorFace(pFace); - v31->std__vector_000004_size = 0; - LOBYTE(v31) = 0; + pGame->pLightmapBuilder->std__vector_000004_size = 0; + + int v31 = 0; if ( stru_F8AD28.uNumLightsApplied > 0 || pDecalBuilder->uNumDecals > 0 ) { - v31 = (LightmapBuilder *)(v50 ? 3 : v49 != 0 ? 5 : 0); + v31 = v50 ? 3 : v49 != 0 ? 5 : 0; static_RenderBuildingsD3D_stru_73C834.GetFacePlaneAndClassify(pFace, &v56->pVertices); if ( pDecalBuilder->uNumDecals > 0 ) { v40 = -1; - v39 = v31; v38 = 0; v37 = array_50AC10; v36 = uNumVertices; @@ -4802,7 +4791,7 @@ } } if ( stru_F8AD28.uNumLightsApplied > 0 ) - pLightmapBuilder->ApplyLights( + pGame->pLightmapBuilder->ApplyLights( &stru_F8AD28, &static_RenderBuildingsD3D_stru_73C834, uNumVertices,