Changeset - r20976:d85274d0c70e
Parent rev.
Child rev.
[Not reviewed]
master
0 2 0
rubidium - 11 years ago 2013-11-22 21:43:47
rubidium@openttd.org
(svn r26050) -Fix: possible, but currently untriggered, out of bounds access in strgen
2 files changed with 11 insertions and 7 deletions:
src/strgen/strgen_base.cpp
8
7
src/table/strgen_tables.h
3
0 comments (0 inline, 0 general)
src/strgen/strgen_base.cpp
Show inline comments
 
@@ -387,14 +387,15 @@ void EmitPlural(Buffer *buffer, char *bu
 
{
 
	int argidx = _cur_argidx;
 
	int offset = 0;
 
	const char *words[5];
 
	int expected = _plural_forms[_lang.plural_form].plural_count;
 
	const char **words = AllocaM(const char *, max(expected, MAX_PLURALS));
 
	int nw = 0;
 

			




	
	
	
		
 
	/* Parse out the number, if one exists. Otherwise default to prev arg. */

			




	
	
	
		
 
	if (!ParseRelNum(&buf, &argidx, &offset)) argidx--;

			




	
	
	
		
 

			




	
	
	
		
 
	/* Parse each string */

			




	
	
	
		
 
	for (nw = 0; nw < 5; nw++) {

			




	
	
	
		
 
	for (nw = 0; nw < MAX_PLURALS; nw++) {

			




	
	
	
		
 
		words[nw] = ParseWord(&buf);

			




	
	
	
		
 
		if (words[nw] == NULL) break;

			




	
	
	
		
 
	}

			




	
	
		
 
@@ -403,16 +404,16 @@ void EmitPlural(Buffer *buffer, char *bu

			




	
	
	
		
 
		strgen_fatal("%s: No plural words", _cur_ident);

			




	
	
	
		
 
	}

			




	
	
	
		
 

			




	
	
	
		
 
	if (_plural_forms[_lang.plural_form].plural_count != nw) {

			




	
	
	
		
 
	if (expected != nw) {

			




	
	
	
		
 
		if (_translated) {

			




	
	
	
		
 
			strgen_fatal("%s: Invalid number of plural forms. Expecting %d, found %d.", _cur_ident,

			




	
	
	
		
 
				_plural_forms[_lang.plural_form].plural_count, nw);

			




	
	
	
		
 
				expected, nw);

			




	
	
	
		
 
		} else {

			




	
	
	
		
 
			if ((_show_todo & 2) != 0) strgen_warning("'%s' is untranslated. Tweaking english string to allow compilation for plural forms", _cur_ident);

			




	
	
	
		
 
			if (nw > _plural_forms[_lang.plural_form].plural_count) {

			




	
	
	
		
 
				nw = _plural_forms[_lang.plural_form].plural_count;

			




	
	
	
		
 
			if (nw > expected) {

			




	
	
	
		
 
				nw = expected;

			




	
	
	
		
 
			} else {

			




	
	
	
		
 
				for (; nw < _plural_forms[_lang.plural_form].plural_count; nw++) {

			




	
	
	
		
 
				for (; nw < expected; nw++) {

			




	
	
	
		
 
					words[nw] = words[nw - 1];

			




	
	
	
		
 
				}

			




	
	
	
		
 
			}

			




        

    


    
    

    

        

                

                    src/table/strgen_tables.h
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -154,6 +154,9 @@ struct PluralForm {

			




	
	
	
		
 
	const char *names;       ///< Plural names

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/** The maximum number of plurals. */

			




	
	
	
		
 
static const int MAX_PLURALS = 5;

			




	
	
	
		
 

			




	
	
	
		
 
/** All plural forms used */

			




	
	
	
		
 
static const PluralForm _plural_forms[] = {

			




	
	
	
		
 
	{ 2, "Two forms: special case for 1.", "\"1\" \"other\"" },

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: code.theleruby.com-48
    
    
        This site is powered by
            Kallithea,
        which is
        © 2010–2022 by various authors & licensed under GPLv3.
            – Support