Fixed type mismatch in picture data.
The size of an operation block was written as size_t by PictureDataWriter but read as int32 by PicturePlayer. Fixes an app_server crash.
This commit is contained in:
parent
5084d0d451
commit
81aad168f8
|
@ -173,9 +173,9 @@ PicturePlayer::Play(void **callBackTable, int32 tableEntries, void *userData)
|
|||
|
||||
while ((pos + 6) <= fSize) {
|
||||
int16 op = *reinterpret_cast<const int16 *>(data);
|
||||
int32 size = *reinterpret_cast<const int32 *>(data + 2);
|
||||
pos += 6;
|
||||
data += 6;
|
||||
size_t size = *reinterpret_cast<const size_t *>(data + sizeof(int16));
|
||||
pos += sizeof(int16) + sizeof(size_t);
|
||||
data += sizeof(int16) + sizeof(size_t);
|
||||
|
||||
if (pos + size > fSize)
|
||||
debugger("PicturePlayer::Play: buffer overrun\n");
|
||||
|
|
Loading…
Reference in New Issue