From 6e470ab20df6ba71d1f0aaca3070886c0ea526a0 Mon Sep 17 00:00:00 2001
From: Silent
Date: Sun, 9 Apr 2017 23:17:31 +0200
Subject: [PATCH] increased numplate and car dirt code safety (null entries properly now, don't allow for a buffer overrun in strcpy_s)
---
 SilentPatchSA/ModelInfoSA.cpp | 9 +++------
 SilentPatchSA/ModelInfoSA.h | 6 ++++--
 SilentPatchSA/SilentPatchSA.cpp | 14 ++++++++++++++
 SilentPatchSA/VehicleSA.cpp | 8 ++++----
 4 files changed, 25 insertions(+), 12 deletions(-)
diff --git a/SilentPatchSA/ModelInfoSA.cpp b/SilentPatchSA/ModelInfoSA.cpp
index 3d77bd4..1e2b563 100644
--- a/SilentPatchSA/ModelInfoSA.cpp
+++ b/SilentPatchSA/ModelInfoSA.cpp
@@ -22,7 +22,7 @@ void CVehicleModelInfo::Shutdown()
 void CVehicleModelInfo::FindEditableMaterialList()
 {
- int materialCount = 0;
+ size_t materialCount = 0;
 auto GetEditableMaterialListCB = [&]( RpAtomic* atomic ) -> RpAtomic* {
 RpGeometryForAllMaterials( RpAtomicGetGeometry(atomic), [&]( RpMaterial* material ) -> RpMaterial* {
@@ -44,11 +44,8 @@ void CVehicleModelInfo::FindEditableMaterialList()
 RpClumpForAllAtomics(reinterpret_cast(pRwObject), GetEditableMaterialListCB);
- if ( m_pVehicleStruct->m_nNumExtras > 0 )
- {
- for ( int i = 0; i < m_pVehicleStruct->m_nNumExtras; i++ )
- GetEditableMaterialListCB(m_pVehicleStruct->m_apExtras[i]);
- }
+ for ( uint32_t i = 0; i < m_pVehicleStruct->m_nNumExtras; i++ )
+ GetEditableMaterialListCB(m_pVehicleStruct->m_apExtras[i]);
 m_nPrimaryColor = -1;
 m_nSecondaryColor = -1;
diff --git a/SilentPatchSA/ModelInfoSA.h b/SilentPatchSA/ModelInfoSA.h
index 7cb0dab..6e49607 100644
--- a/SilentPatchSA/ModelInfoSA.h
+++ b/SilentPatchSA/ModelInfoSA.h
@@ -225,8 +225,10 @@ public:
 class NOVMT CVehicleModelInfo : public CClumpModelInfo
 {
 public:
+ static const size_t PLATE_TEXT_LEN = 8;
+
 RpMaterial** m_apPlateMaterials; // Changed in SilentPatchh
- char m_plateText[8];
+ char m_plateText[PLATE_TEXT_LEN];
 char field_30;
 signed char m_nPlateType;
 char m_nGameName[8];
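Review bot: The rewritten extras loop still trusts m_nNumExtras against m_apExtras, which the header hunk of this same commit declares as `RpAtomic* m_apExtras[6]`, so a count above 6 would read past the array; since the commit is about bounds safety, clamp the loop to the array extent, `for ( uint32_t i = 0; i < std::min<uint32_t>( m_pVehicleStruct->m_nNumExtras, _countof(m_pVehicleStruct->m_apExtras) ); i++ )`, or at least assert it. Presumably the game's loader never stores more than 6, so this is defensive rather than a known fault. Dropping the `> 0` guard is fine because the loop is a no-op at zero. FindEditableMaterialList's body continues outside the hunk in both directions.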
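Review bot: `PLATE_TEXT_LEN` is introduced without a comment stating whether `m_plateText` carries a NUL terminator; the VehicleSA.cpp side of this commit sizes its local buffer as PLATE_TEXT_LEN+1 and terminates it explicitly, which suggests the field holds exactly 8 characters with no terminator, and that is the one fact every future reader of the field needs. Suggest `static constexpr size_t PLATE_TEXT_LEN = 8; // m_plateText holds this many chars and is NOT NUL-terminated; bound every read/copy of it` (constexpr is available since the file already relies on C++11 features such as nullptr and lambdas), with the termination claim confirmed against GetCustomCarPlateText(), which is outside the hunk.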
@@ -261,7 +263,7 @@ public:
 CVector m_avDummyPosn[15];
 UpgradePosnDesc m_aUpgrades[18];
 RpAtomic* m_apExtras[6];
- unsigned char m_nNumExtras;
+ uint8_t m_nNumExtras;
 unsigned int m_dwMaskComponentsDamagable;
 } *m_pVehicleStruct;
diff --git a/SilentPatchSA/SilentPatchSA.cpp b/SilentPatchSA/SilentPatchSA.cpp
index 6c81530..fd2b581 100644
--- a/SilentPatchSA/SilentPatchSA.cpp
+++ b/SilentPatchSA/SilentPatchSA.cpp
@@ -1115,6 +1115,15 @@ bool __stdcall CheckDoubleRWheelsList( void* modelInfo, uint8_t* handlingData )
 return lastResult;
 }
+CVehicleModelInfo* (__thiscall *orgVehicleModelInfoCtor)(CVehicleModelInfo*);
+CVehicleModelInfo* __fastcall VehicleModelInfoCtor(CVehicleModelInfo* me)
+{
+ orgVehicleModelInfoCtor(me);
+ me->m_apPlateMaterials = nullptr;
+ std::fill( std::begin(me->m_apDirtMaterials), std::end(me->m_apDirtMaterials), nullptr );
+ return me;
+}
+
 #pragma warning(push)
 #pragma warning(disable:4838)
 #include
@@ -3249,6 +3258,11 @@ void Patch_SA_10()
 InjectHook( 0x4C9239+2, CheckDoubleRWheelsList, PATCH_CALL );
 Patch( 0x4C9239+7, 0xC084 );
 Nop( 0x4C9239+9, 1 );
+
+
+ // Properly initialize all CVehicleModelInfo fields
+ ReadCall( 0x4C75E4, orgVehicleModelInfoCtor );
+ InjectHook( 0x4C75E4, VehicleModelInfoCtor );
 }
 void Patch_SA_11()
diff --git a/SilentPatchSA/VehicleSA.cpp b/SilentPatchSA/VehicleSA.cpp
index 9f0b268..8a68c3d 100644
--- a/SilentPatchSA/VehicleSA.cpp
+++ b/SilentPatchSA/VehicleSA.cpp
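Review bot: VehicleModelInfoCtor carries no comment saying why it exists or why a `__fastcall` function may stand in for a `__thiscall` constructor, so a reader has to reconstruct both from the Patch_SA_10 hunk further down. Suggest, above the declaration, `// Wraps the game's CVehicleModelInfo ctor, which leaves m_apPlateMaterials and m_apDirtMaterials uninitialized; null them so later code can test for "no material". __fastcall takes its first argument in ECX exactly where __thiscall passes the object pointer, so the hook is ABI-compatible for an argument-less ctor.` The wrapper discards the original ctor's return value and returns `me` itself, which is correct for a ctor but deserves a word in that comment. `orgVehicleModelInfoCtor` is a mutable global filled in only by the ReadCall in Patch_SA_10, so the hook must not be reachable from any code path that skips that ReadCall, or its first call goes through a null function pointer.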
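Review bot: Two empty added lines before `// Properly initialize all CVehicleModelInfo fields` is more separation than the group needs; one is enough. The ctor hook is installed only in Patch_SA_10, and Patch_SA_11 begins immediately below — if the 1.01 path is still maintained elsewhere in the file (not visible here), the fix is silently version-specific, and either a matching ReadCall/InjectHook pair there or a one-line comment stating the omission is intentional would keep the gap from being read as an oversight. Patch_SA_10's body begins outside the hunk.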
@@ -97,16 +97,16 @@ void CVehicle::SetComponentAtomicAlpha(RpAtomic* pAtomic, int nAlpha)
 bool CVehicle::CustomCarPlate_TextureCreate(CVehicleModelInfo* pModelInfo)
 {
- char PlateText[10];
+ char PlateText[CVehicleModelInfo::PLATE_TEXT_LEN+1];
 const char* pOverrideText = pModelInfo->GetCustomCarPlateText();
 if ( pOverrideText )
- strcpy_s(PlateText, pOverrideText);
+ strncpy_s(PlateText, pOverrideText, CVehicleModelInfo::PLATE_TEXT_LEN);
 else
- CCustomCarPlateMgr::GeneratePlateText(PlateText, 8);
+ CCustomCarPlateMgr::GeneratePlateText(PlateText, CVehicleModelInfo::PLATE_TEXT_LEN);
+ PlateText[CVehicleModelInfo::PLATE_TEXT_LEN] = '\0';
 PlateTexture = CCustomCarPlateMgr::CreatePlateTexture(PlateText, pModelInfo->m_nPlateType);
- //PlateDesign = pModelInfo->m_nPlateType != -1 ? pModelInfo->m_nPlateType : CCustomCarPlateMgr::GetMapRegionPlateDesign();
 if ( pModelInfo->m_nPlateType != -1 )
 PlateDesign = pModelInfo->m_nPlateType;
 else if ( IsLawEnforcementVehicle() )
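Review bot: The terminator write `PlateText[CVehicleModelInfo::PLATE_TEXT_LEN] = '\0';` is what makes the GeneratePlateText() branch safe, since nothing in the hunk shows that function terminating its output, while for the strncpy_s branch it is redundant (count 8 is below the deduced destination size 9, so MSVC truncates and terminates itself); say so in a comment, e.g. `// GeneratePlateText() fills PLATE_TEXT_LEN chars and may not terminate; strncpy_s already does, but one terminator covers both branches`. If GetCustomCarPlateText() returns m_plateText directly, that source is itself only PLATE_TEXT_LEN bytes with no terminator, so the count argument is bounding the read as well as the write — worth confirming against the header and noting, because a later change back to a destination-size-only bound would reintroduce an over-read. The function continues outside the hunk.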