
Commit 116eec4

QVM memory access sanitization
1 parent 2678080 commit 116eec4

27 files changed

+441
-365
lines changed

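--- a/code/botlib/be_aas_bsp.h
+++ b/code/botlib/be_aas_bsp.h
@@ -79,11 +79,11 @@ void AAS_BSPModelMinsMaxsOrigin(int modelnum, vec3_t angles, vec3_t mins, vec3_t
 //handle to the next bsp entity
 int AAS_NextBSPEntity(int ent);
 //return the value of the BSP epair key
-int AAS_ValueForBSPEpairKey(int ent, char *key, char *value, int size);
+int AAS_ValueForBSPEpairKey(int ent, const char *key, char *value, int size);
 //get a vector for the BSP epair key
-int AAS_VectorForBSPEpairKey(int ent, char *key, vec3_t v);
+int AAS_VectorForBSPEpairKey(int ent, const char *key, vec3_t v);
 //get a float for the BSP epair key
-int AAS_FloatForBSPEpairKey(int ent, char *key, float *value);
+int AAS_FloatForBSPEpairKey(int ent, const char *key, float *value);
 //get an integer for the BSP epair key
-int AAS_IntForBSPEpairKey(int ent, char *key, int *value);
+int AAS_IntForBSPEpairKey(int ent, const char *key, int *value);
 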
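--- a/code/botlib/be_aas_bspq3.c
+++ b/code/botlib/be_aas_bspq3.c
@@ -276,7 +276,7 @@ int AAS_BSPEntityInRange(int ent)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int AAS_ValueForBSPEpairKey(int ent, char *key, char *value, int size)
+int AAS_ValueForBSPEpairKey(int ent, const char *key, char *value, int size)
 {
 bsp_epair_t *epair;
 
@@ -299,7 +299,7 @@ int AAS_ValueForBSPEpairKey(int ent, char *key, char *value, int size)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int AAS_VectorForBSPEpairKey(int ent, char *key, vec3_t v)
+int AAS_VectorForBSPEpairKey(int ent, const char *key, vec3_t v)
 {
 char buf[MAX_EPAIRKEY];
 double v1, v2, v3;
@@ -320,7 +320,7 @@ int AAS_VectorForBSPEpairKey(int ent, char *key, vec3_t v)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int AAS_FloatForBSPEpairKey(int ent, char *key, float *value)
+int AAS_FloatForBSPEpairKey(int ent, const char *key, float *value)
 {
 char buf[MAX_EPAIRKEY];
 
@@ -335,7 +335,7 @@ int AAS_FloatForBSPEpairKey(int ent, char *key, float *value)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int AAS_IntForBSPEpairKey(int ent, char *key, int *value)
+int AAS_IntForBSPEpairKey(int ent, const char *key, int *value)
 {
 char buf[MAX_EPAIRKEY];
 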
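--- a/code/botlib/be_ai_char.c
+++ b/code/botlib/be_ai_char.c
@@ -209,7 +209,7 @@ void BotDefaultCharacteristics(bot_character_t *ch, bot_character_t *defaultch)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-bot_character_t *BotLoadCharacterFromFile(char *charfile, int skill)
+bot_character_t *BotLoadCharacterFromFile(const char *charfile, int skill)
 {
 int indent, index, foundcharacter;
 bot_character_t *ch;
@@ -359,7 +359,7 @@ bot_character_t *BotLoadCharacterFromFile(char *charfile, int skill)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotFindCachedCharacter(char *charfile, float skill)
+int BotFindCachedCharacter(const char *charfile, float skill)
 {
 int handle;
 
@@ -380,7 +380,7 @@ int BotFindCachedCharacter(char *charfile, float skill)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotLoadCachedCharacter(char *charfile, float skill, int reload)
+int BotLoadCachedCharacter(const char *charfile, float skill, int reload)
 {
 int handle, cachedhandle, intskill;
 bot_character_t *ch = NULL;
@@ -493,7 +493,7 @@ int BotLoadCachedCharacter(char *charfile, float skill, int reload)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotLoadCharacterSkill(char *charfile, float skill)
+int BotLoadCharacterSkill(const char *charfile, float skill)
 {
 int ch, defaultch;
 
@@ -565,7 +565,7 @@ int BotInterpolateCharacters(int handle1, int handle2, float desiredskill)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotLoadCharacter(char *charfile, float skill)
+int BotLoadCharacter(const char *charfile, float skill)
 {
 int firstskill, secondskill, handle;
 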
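--- a/code/botlib/be_ai_char.h
+++ b/code/botlib/be_ai_char.h
@@ -31,7 +31,7 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 *****************************************************************************/
 
 //loads a bot character from a file
-int BotLoadCharacter(char *charfile, float skill);
+int BotLoadCharacter(const char *charfile, float skill);
 //frees a bot character
 void BotFreeCharacter(int character);
 //returns a float characteristic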

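--- a/code/botlib/be_ai_chat.c
+++ b/code/botlib/be_ai_chat.c
@@ -323,7 +323,7 @@ void BotRemoveConsoleMessage(int chatstate, int handle)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotQueueConsoleMessage(int chatstate, int type, char *message)
+void BotQueueConsoleMessage(int chatstate, int type, const char *message)
 {
 bot_consolemessage_t *m;
 bot_chatstate_t *cs;
@@ -474,7 +474,7 @@ void UnifyWhiteSpaces(char *string)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int StringContains(char *str1, char *str2, int casesensitive)
+int StringContains(const char *str1, const char *str2, int casesensitive)
 {
 int len, i, j, index;
 
@@ -505,7 +505,7 @@ int StringContains(char *str1, char *str2, int casesensitive)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-char *StringContainsWord(char *str1, char *str2, int casesensitive)
+const char *StringContainsWord(const char *str1, const char *str2, int casesensitive)
 {
 int len, i, j;
 
@@ -547,22 +547,27 @@ char *StringContainsWord(char *str1, char *str2, int casesensitive)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void StringReplaceWords(char *string, char *synonym, char *replacement)
+void StringReplaceWords(char *string, int stringSize, const char *synonym, const char *replacement)
 {
 char *str, *str2;
 
+int stringCurrentSize = strlen(string);
+int stringMaxSize = stringSize - 1;
+int extraLength = (int)strlen(replacement) - (int)strlen(synonym);
+string[stringMaxSize] = '\0';
+
 //find the synonym in the string
-str = StringContainsWord(string, synonym, qfalse);
+str = (char *)StringContainsWord(string, synonym, qfalse);
 //if the synonym occurred in the string
-while(str)
+while(str && (stringMaxSize - stringCurrentSize >= extraLength))
 {
 //if the synonym isn't part of the replacement which is already in the string
 //useful for abbreviations
-str2 = StringContainsWord(string, replacement, qfalse);
+str2 = (char *)StringContainsWord(string, replacement, qfalse);
 while(str2)
 {
 if (str2 <= str && str < str2 + strlen(replacement)) break;
-str2 = StringContainsWord(str2+1, replacement, qfalse);
+str2 = (char *)StringContainsWord(str2+1, replacement, qfalse);
 } //end while
 if (!str2)
 {
@@ -571,7 +576,7 @@ void StringReplaceWords(char *string, char *synonym, char *replacement)
 Com_Memcpy(str, replacement, strlen(replacement));
 } //end if
 //find the next synonym in the string
-str = StringContainsWord(str+strlen(replacement), synonym, qfalse);
+str = (char *)StringContainsWord(str+strlen(replacement), synonym, qfalse);
 } //end if
 } //end of the function StringReplaceWords
 //===========================================================================
@@ -774,7 +779,7 @@ bot_synonymlist_t *BotLoadSynonyms(char *filename)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotReplaceSynonyms(char *string, unsigned long int context)
+void BotReplaceSynonyms(char *string, int stringSize, unsigned long int context)
 {
 bot_synonymlist_t *syn;
 bot_synonym_t *synonym;
@@ -784,7 +789,7 @@ void BotReplaceSynonyms(char *string, unsigned long int context)
 if (!(syn->context & context)) continue;
 for (synonym = syn->firstsynonym->next; synonym; synonym = synonym->next)
 {
-StringReplaceWords(string, synonym->string, syn->firstsynonym->string);
+StringReplaceWords(string, stringSize, synonym->string, syn->firstsynonym->string);
 } //end for
 } //end for
 } //end of the function BotReplaceSynonyms
@@ -794,7 +799,7 @@ void BotReplaceSynonyms(char *string, unsigned long int context)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotReplaceWeightedSynonyms(char *string, unsigned long int context)
+void BotReplaceWeightedSynonyms(char *string, int stringSize, unsigned long int context)
 {
 bot_synonymlist_t *syn;
 bot_synonym_t *synonym, *replacement;
@@ -817,7 +822,7 @@ void BotReplaceWeightedSynonyms(char *string, unsigned long int context)
 for (synonym = syn->firstsynonym; synonym; synonym = synonym->next)
 {
 if (synonym == replacement) continue;
-StringReplaceWords(string, synonym->string, replacement->string);
+StringReplaceWords(string, stringSize, synonym->string, replacement->string);
 } //end for
 } //end for
 } //end of the function BotReplaceWeightedSynonyms
@@ -827,12 +832,15 @@ void BotReplaceWeightedSynonyms(char *string, unsigned long int context)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotReplaceReplySynonyms(char *string, unsigned long int context)
+void BotReplaceReplySynonyms(char *string, int stringSize, unsigned long int context)
 {
 char *str1, *str2, *replacement;
 bot_synonymlist_t *syn;
 bot_synonym_t *synonym;
 
+int stringMaxSize = stringSize - 1;
+string[stringMaxSize] = '\0';
+
 for (str1 = string; *str1; )
 {
 //go to the start of the next word
@@ -845,12 +853,12 @@ void BotReplaceReplySynonyms(char *string, unsigned long int context)
 for (synonym = syn->firstsynonym->next; synonym; synonym = synonym->next)
 {
 //if the synonym is not at the front of the string continue
-str2 = StringContainsWord(str1, synonym->string, qfalse);
+str2 = (char *)StringContainsWord(str1, synonym->string, qfalse);
 if (!str2 || str2 != str1) continue;
 //
 replacement = syn->firstsynonym->string;
 //if the replacement IS in front of the string continue
-str2 = StringContainsWord(str1, replacement, qfalse);
+str2 = (char *)StringContainsWord(str1, replacement, qfalse);
 if (str2 && str2 == str1) continue;
 //
 memmove(str1 + strlen(replacement), str1+strlen(synonym->string),
@@ -1451,7 +1459,7 @@ int StringsMatch(bot_matchpiece_t *pieces, bot_match_t *match)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotFindMatch(char *str, bot_match_t *match, unsigned long int context)
+int BotFindMatch(const char *str, bot_match_t *match, unsigned long int context)
 {
 int i;
 bot_matchtemplate_t *ms;
@@ -2029,7 +2037,7 @@ void BotDumpInitialChat(bot_chat_t *chat)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-bot_chat_t *BotLoadInitialChat(char *chatfile, char *chatname)
+bot_chat_t *BotLoadInitialChat(const char *chatfile, const char *chatname)
 {
 int pass, foundchat, indent, size;
 char *ptr = NULL;
@@ -2219,7 +2227,7 @@ void BotFreeChatFile(int chatstate)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotLoadChatFile(int chatstate, char *chatfile, char *chatname)
+int BotLoadChatFile(int chatstate, const char *chatfile, const char *chatname)
 {
 bot_chatstate_t *cs;
 int n, avail = 0;
@@ -2277,11 +2285,12 @@ int BotLoadChatFile(int chatstate, char *chatfile, char *chatname)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotExpandChatMessage(char *outmessage, char *message, unsigned long mcontext,
+int BotExpandChatMessage(char *outmessage, const char *message, unsigned long mcontext,
 bot_match_t *match, unsigned long vcontext, int reply)
 {
 int num, len, i, expansion;
-char *outputbuf, *ptr, *msgptr;
+char *outputbuf, *ptr;
+const char *msgptr;
 char temp[MAX_MESSAGE_SIZE];
 
 expansion = qfalse;
@@ -2324,12 +2333,12 @@ int BotExpandChatMessage(char *outmessage, char *message, unsigned long mcontext
 if (reply)
 {
 //replace the reply synonyms in the variables
-BotReplaceReplySynonyms(temp, vcontext);
+BotReplaceReplySynonyms(temp, sizeof(temp) - 1, vcontext);
 } //end if
 else
 {
 //replace synonyms in the variable context
-BotReplaceSynonyms(temp, vcontext);
+BotReplaceSynonyms(temp, MAX_MESSAGE_SIZE, vcontext);
 } //end else
 //
 if (len + strlen(temp) >= MAX_MESSAGE_SIZE)
@@ -2388,7 +2397,7 @@ int BotExpandChatMessage(char *outmessage, char *message, unsigned long mcontext
 } //end while
 outputbuf[len] = '\0';
 //replace synonyms weighted in the message context
-BotReplaceWeightedSynonyms(outputbuf, mcontext);
+BotReplaceWeightedSynonyms(outputbuf, MAX_MESSAGE_SIZE, mcontext);
 //return true if a random was expanded
 return expansion;
 } //end of the function BotExpandChatMessage
@@ -2398,13 +2407,13 @@ int BotExpandChatMessage(char *outmessage, char *message, unsigned long mcontext
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotConstructChatMessage(bot_chatstate_t *chatstate, char *message, unsigned long mcontext,
+void BotConstructChatMessage(bot_chatstate_t *chatstate, const char *message, unsigned long mcontext,
 bot_match_t *match, unsigned long vcontext, int reply)
 {
 int i;
 char srcmessage[MAX_MESSAGE_SIZE];
 
-strcpy(srcmessage, message);
+Q_strncpyz(srcmessage, message, MAX_MESSAGE_SIZE);
 for (i = 0; i < 10; i++)
 {
 if (!BotExpandChatMessage(chatstate->chatmessage, srcmessage, mcontext, match, vcontext, reply))
@@ -2426,7 +2435,7 @@ void BotConstructChatMessage(bot_chatstate_t *chatstate, char *message, unsigned
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-char *BotChooseInitialChatMessage(bot_chatstate_t *cs, char *type)
+char *BotChooseInitialChatMessage(bot_chatstate_t *cs, const char *type)
 {
 int n, numchatmessages;
 float besttime;
@@ -2484,7 +2493,7 @@ char *BotChooseInitialChatMessage(bot_chatstate_t *cs, char *type)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotNumInitialChats(int chatstate, char *type)
+int BotNumInitialChats(int chatstate, const char *type)
 {
 bot_chatstate_t *cs;
 bot_chattype_t *t;
@@ -2511,7 +2520,7 @@ int BotNumInitialChats(int chatstate, char *type)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotInitialChat(int chatstate, char *type, int mcontext, char *var0, char *var1, char *var2, char *var3, char *var4, char *var5, char *var6, char *var7)
+void BotInitialChat(int chatstate, const char *type, int mcontext, const char *var0, const char *var1, const char *var2, const char *var3, const char *var4, const char *var5, const char *var6, const char *var7)
 {
 char *message;
 int index;
@@ -2632,7 +2641,7 @@ void BotPrintReplyChatKeys(bot_replychat_t *replychat)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-int BotReplyChat(int chatstate, char *message, int mcontext, int vcontext, char *var0, char *var1, char *var2, char *var3, char *var4, char *var5, char *var6, char *var7)
+int BotReplyChat(int chatstate, const char *message, int mcontext, int vcontext, const char *var0, const char *var1, const char *var2, const char *var3, const char *var4, const char *var5, const char *var6, const char *var7)
 {
 bot_replychat_t *rchat, *bestrchat;
 bot_replychatkey_t *key;
@@ -2876,7 +2885,7 @@ void BotSetChatGender(int chatstate, int gender)
 // Returns: -
 // Changes Globals: -
 //===========================================================================
-void BotSetChatName(int chatstate, char *name, int client)
+void BotSetChatName(int chatstate, const char *name, int client)
 {
 bot_chatstate_t *cs;
 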
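Review bot: In StringReplaceWords (hunk @@ -547,22 +547,27 @@) `stringCurrentSize` is taken from `strlen(string)` once before the loop and never updated, yet each replacement that ends in the visible `Com_Memcpy(str, replacement, strlen(replacement))` presumably changes the string length by `extraLength`, so after the first growing replacement the guard `stringMaxSize - stringCurrentSize >= extraLength` compares against a stale length and later replacements can still write past `stringSize`. Add `stringCurrentSize += extraLength;` directly after the Com_Memcpy inside the `if (!str2)` block (hunk @@ -571,7 +576,7 @@) so the bound tracks the buffer's real occupancy, and move the `strlen` after `string[stringMaxSize] = '\0';` so the count is taken from the already-truncated string rather than from whatever the caller passed (the size_t-to-int narrowing is worth a cast or a `size_t` local too). The two callers in BotExpandChatMessage pass different sizes for the same buffer, `BotReplaceReplySynonyms(temp, sizeof(temp) - 1, vcontext)` but `BotReplaceSynonyms(temp, MAX_MESSAGE_SIZE, vcontext)`, and since both callees already subtract one, the first silently gives up a byte; passing `sizeof(temp)` to both would be consistent. The `memmove` in BotReplaceReplySynonyms continues outside the hunk, so whether its length is bounded by the new `stringMaxSize` cannot be confirmed from here.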