diff options
Diffstat (limited to 'linden/indra/lscript/lscript_byteconvert.h')
| -rw-r--r-- | linden/indra/lscript/lscript_byteconvert.h | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/linden/indra/lscript/lscript_byteconvert.h b/linden/indra/lscript/lscript_byteconvert.h index 06d494e..6d0e2d0 100644 --- a/linden/indra/lscript/lscript_byteconvert.h +++ b/linden/indra/lscript/lscript_byteconvert.h | |||
| @@ -2,6 +2,8 @@ | |||
| 2 | * @file lscript_byteconvert.h | 2 | * @file lscript_byteconvert.h |
| 3 | * @brief Shared code for compiler and assembler for LSL | 3 | * @brief Shared code for compiler and assembler for LSL |
| 4 | * | 4 | * |
| 5 | * $LicenseInfo:firstyear=2002&license=viewergpl$ | ||
| 6 | * | ||
| 5 | * Copyright (c) 2002-2007, Linden Research, Inc. | 7 | * Copyright (c) 2002-2007, Linden Research, Inc. |
| 6 | * | 8 | * |
| 7 | * Second Life Viewer Source Code | 9 | * Second Life Viewer Source Code |
| @@ -24,6 +26,7 @@ | |||
| 24 | * ALL LINDEN LAB SOURCE CODE IS PROVIDED "AS IS." LINDEN LAB MAKES NO | 26 | * ALL LINDEN LAB SOURCE CODE IS PROVIDED "AS IS." LINDEN LAB MAKES NO |
| 25 | * WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY, | 27 | * WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY, |
| 26 | * COMPLETENESS OR PERFORMANCE. | 28 | * COMPLETENESS OR PERFORMANCE. |
| 29 | * $/LicenseInfo$ | ||
| 27 | */ | 30 | */ |
| 28 | 31 | ||
| 29 | // data shared between compiler/assembler | 32 | // data shared between compiler/assembler |
| @@ -781,9 +784,17 @@ inline S32 get_state_event_opcoode_start(U8 *stream, S32 state, LSCRIPTStateEven | |||
| 781 | major_version = LSL2_MAJOR_VERSION_TWO; | 784 | major_version = LSL2_MAJOR_VERSION_TWO; |
| 782 | state_offset_offset = sr + LSCRIPTDataSize[LST_INTEGER] + LSCRIPTDataSize[LST_INTEGER]*3*state; | 785 | state_offset_offset = sr + LSCRIPTDataSize[LST_INTEGER] + LSCRIPTDataSize[LST_INTEGER]*3*state; |
| 783 | } | 786 | } |
| 787 | if ( state_offset_offset < 0 || state_offset_offset > TOP_OF_MEMORY ) | ||
| 788 | { | ||
| 789 | return -1; | ||
| 790 | } | ||
| 784 | 791 | ||
| 785 | // get the actual position in memory of the desired state | 792 | // get the actual position in memory of the desired state |
| 786 | S32 state_offset = sr + bytestream2integer(stream, state_offset_offset); | 793 | S32 state_offset = sr + bytestream2integer(stream, state_offset_offset); |
| 794 | if ( state_offset < 0 || state_offset > TOP_OF_MEMORY ) | ||
| 795 | { | ||
| 796 | return -1; | ||
| 797 | } | ||
| 787 | 798 | ||
| 788 | // save that value | 799 | // save that value |
| 789 | S32 state_offset_base = state_offset; | 800 | S32 state_offset_base = state_offset; |
| @@ -793,18 +804,32 @@ inline S32 get_state_event_opcoode_start(U8 *stream, S32 state, LSCRIPTStateEven | |||
| 793 | 804 | ||
| 794 | // get the location of the event offset | 805 | // get the location of the event offset |
| 795 | S32 event_offset = event_jump_offset + LSCRIPTDataSize[LST_INTEGER]*2*get_event_handler_jump_position(get_event_register(stream, LREG_ER, major_version), event); | 806 | S32 event_offset = event_jump_offset + LSCRIPTDataSize[LST_INTEGER]*2*get_event_handler_jump_position(get_event_register(stream, LREG_ER, major_version), event); |
| 807 | if ( event_offset < 0 || event_offset > TOP_OF_MEMORY ) | ||
| 808 | { | ||
| 809 | return -1; | ||
| 810 | } | ||
| 796 | 811 | ||
| 797 | // now, jump to the event | 812 | // now, jump to the event |
| 798 | S32 event_start = bytestream2integer(stream, event_offset); | 813 | S32 event_start = bytestream2integer(stream, event_offset); |
| 814 | if ( event_start < 0 || event_start > TOP_OF_MEMORY ) | ||
| 815 | { | ||
| 816 | return -1; | ||
| 817 | } | ||
| 799 | event_start += event_jump_offset; | 818 | event_start += event_jump_offset; |
| 800 | 819 | ||
| 801 | S32 event_start_original = event_start; | 820 | S32 event_start_original = event_start; |
| 802 | 821 | ||
| 803 | // now skip past the parameters | 822 | // now skip past the parameters |
| 804 | S32 opcode_offset = bytestream2integer(stream, event_start); | 823 | S32 opcode_offset = bytestream2integer(stream, event_start); |
| 824 | if ( opcode_offset < 0 || opcode_offset > TOP_OF_MEMORY ) | ||
| 825 | { | ||
| 826 | return -1; | ||
| 827 | } | ||
| 828 | |||
| 805 | return opcode_offset + event_start_original; | 829 | return opcode_offset + event_start_original; |
| 806 | } | 830 | } |
| 807 | 831 | ||
| 832 | |||
| 808 | inline U64 get_handled_events(U8 *stream, S32 state) | 833 | inline U64 get_handled_events(U8 *stream, S32 state) |
| 809 | { | 834 | { |
| 810 | U64 retvalue = 0; | 835 | U64 retvalue = 0; |
| @@ -829,6 +854,7 @@ inline U64 get_handled_events(U8 *stream, S32 state) | |||
| 829 | return retvalue; | 854 | return retvalue; |
| 830 | } | 855 | } |
| 831 | 856 | ||
| 857 | // Returns -1 on error | ||
| 832 | inline S32 get_event_stack_size(U8 *stream, S32 state, LSCRIPTStateEventType event) | 858 | inline S32 get_event_stack_size(U8 *stream, S32 state, LSCRIPTStateEventType event) |
| 833 | { | 859 | { |
| 834 | // get the start of the state table | 860 | // get the start of the state table |
| @@ -849,21 +875,39 @@ inline S32 get_event_stack_size(U8 *stream, S32 state, LSCRIPTStateEventType eve | |||
| 849 | state_offset_offset = sr + LSCRIPTDataSize[LST_INTEGER] + LSCRIPTDataSize[LST_INTEGER]*3*state; | 875 | state_offset_offset = sr + LSCRIPTDataSize[LST_INTEGER] + LSCRIPTDataSize[LST_INTEGER]*3*state; |
| 850 | } | 876 | } |
| 851 | 877 | ||
| 878 | if ( state_offset_offset < 0 || state_offset_offset > TOP_OF_MEMORY ) | ||
| 879 | { | ||
| 880 | return -1; | ||
| 881 | } | ||
| 882 | |||
| 852 | S32 state_offset = bytestream2integer(stream, state_offset_offset); | 883 | S32 state_offset = bytestream2integer(stream, state_offset_offset); |
| 853 | state_offset += sr; | 884 | state_offset += sr; |
| 854 | 885 | ||
| 855 | state_offset_offset = state_offset; | 886 | state_offset_offset = state_offset; |
| 887 | if ( state_offset_offset < 0 || state_offset_offset > TOP_OF_MEMORY ) | ||
| 888 | { | ||
| 889 | return -1; | ||
| 890 | } | ||
| 856 | 891 | ||
| 857 | // skip to jump table | 892 | // skip to jump table |
| 858 | S32 jump_table = bytestream2integer(stream, state_offset_offset); | 893 | S32 jump_table = bytestream2integer(stream, state_offset_offset); |
| 859 | 894 | ||
| 860 | jump_table += state_offset; | 895 | jump_table += state_offset; |
| 896 | if ( jump_table < 0 || jump_table > TOP_OF_MEMORY ) | ||
| 897 | { | ||
| 898 | return -1; | ||
| 899 | } | ||
| 861 | 900 | ||
| 862 | // get the position of the jump to the desired state | 901 | // get the position of the jump to the desired state |
| 863 | S32 stack_size_offset = jump_table + LSCRIPTDataSize[LST_INTEGER]*2*get_event_handler_jump_position(get_event_register(stream, LREG_ER, major_version), event) + LSCRIPTDataSize[LST_INTEGER]; | 902 | S32 stack_size_offset = jump_table + LSCRIPTDataSize[LST_INTEGER]*2*get_event_handler_jump_position(get_event_register(stream, LREG_ER, major_version), event) + LSCRIPTDataSize[LST_INTEGER]; |
| 864 | 903 | ||
| 865 | // get the handled events | 904 | // get the handled events |
| 866 | S32 stack_size = bytestream2integer(stream, stack_size_offset); | 905 | S32 stack_size = bytestream2integer(stream, stack_size_offset); |
| 906 | if ( stack_size < 0 || stack_size > TOP_OF_MEMORY ) | ||
| 907 | { | ||
| 908 | return -1; | ||
| 909 | } | ||
| 910 | |||
| 867 | return stack_size; | 911 | return stack_size; |
| 868 | } | 912 | } |
| 869 | 913 | ||