From 1b4250b2073d263c3a1012dbf88d3f1d37ae79c8 Mon Sep 17 00:00:00 2001
From: bones_was_here
Date: Fri, 26 Jan 2024 20:10:14 +1000
Subject: [PATCH] Q2BSP: fix misaligned memory access
Fixes a small overallocation (sizeof(int *) instead of int).
Signed-off-by: bones_was_here
---
 model_brush.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/model_brush.c b/model_brush.c
index 98fc11fc..092682b0 100644
--- a/model_brush.c
+++ b/model_brush.c
@@ -4824,7 +4824,8 @@ static void Mod_Q2BSP_Load(model_t *mod, void *buffer, void *bufferend)
 msurface_t *surface;
 int totalstylesurfaces, totalstyles, stylecounts[256], remapstyles[256];
 model_brush_lightstyleinfo_t styleinfo[256];
- unsigned char *datapointer;
+ int *datapointer;
+ model_brush_lightstyleinfo_t *lsidatapointer;
 sizebuf_t sb;
 MSG_InitReadBuffer(&sb, (unsigned char *)buffer, (unsigned char *)bufferend - (unsigned char *)buffer);
@@ -4966,8 +4967,11 @@ static void Mod_Q2BSP_Load(model_t *mod, void *buffer, void *bufferend)
 totalstylesurfaces += stylecounts[k];
 }
 }
- datapointer = (unsigned char *)Mem_Alloc(mod->mempool, mod->num_surfaces * sizeof(int) + totalstyles * sizeof(model_brush_lightstyleinfo_t) + totalstylesurfaces * sizeof(int *));
- mod->modelsurfaces_sorted = (int*)datapointer; datapointer += mod->num_surfaces * sizeof(int);
+ // bones_was_here: using a separate allocation for model_brush_lightstyleinfo_t
+ // because on a 64-bit machine it no longer has the same alignment requirement as int.
+ lsidatapointer = Mem_AllocType(mod->mempool, model_brush_lightstyleinfo_t, totalstyles * sizeof(model_brush_lightstyleinfo_t));
+ datapointer = Mem_AllocType(mod->mempool, int, mod->num_surfaces * sizeof(int) + totalstylesurfaces * sizeof(int));
+ mod->modelsurfaces_sorted = datapointer; datapointer += mod->num_surfaces;
 // set up the world model, then on each submodel copy from the world model
 // and set up the submodel with the respective model info.
 mod = loadmodel;
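Review bot: Neither Mem_AllocType result is checked before `mod->modelsurfaces_sorted = datapointer` and the later uses, so the hunk assumes the allocator never returns NULL; that is presumably Mem_Alloc's contract on failure, but the zero-size case is new here: the lightstyleinfo block is now requested on its own, so a map with totalstyles == 0 asks for 0 bytes, and if Mem_Alloc returns NULL for that, the @@ -5087 hunk stores NULL into data_lightstyleinfo and hands it to memcpy (undefined behaviour even with a zero length). Guarding that copy, `if (mod->brushq1.num_lightstyles) memcpy(...)`, or skipping the zero-size allocation, would close it. The int buffer's size would also read more clearly as one element count, `datapointer = Mem_AllocType(mod->mempool, int, (mod->num_surfaces + totalstylesurfaces) * sizeof(int));`, since `datapointer += mod->num_surfaces` here and `datapointer += stylecounts[k]` in the @@ -5070 hunk are meant to consume exactly that many ints. Mod_Q2BSP_Load starts and ends outside the hunk.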
@@ -5070,7 +5074,7 @@ static void Mod_Q2BSP_Load(model_t *mod, void *buffer, void *bufferend)
 styleinfo[mod->brushq1.num_lightstyles].style = k;
 styleinfo[mod->brushq1.num_lightstyles].value = 0;
 styleinfo[mod->brushq1.num_lightstyles].numsurfaces = 0;
- styleinfo[mod->brushq1.num_lightstyles].surfacelist = (int *)datapointer;datapointer += stylecounts[k] * sizeof(int);
+ styleinfo[mod->brushq1.num_lightstyles].surfacelist = datapointer;datapointer += stylecounts[k];
 remapstyles[k] = mod->brushq1.num_lightstyles;
 mod->brushq1.num_lightstyles++;
 }
@@ -5087,7 +5091,7 @@ static void Mod_Q2BSP_Load(model_t *mod, void *buffer, void *bufferend)
 }
 }
 }
- mod->brushq1.data_lightstyleinfo = (model_brush_lightstyleinfo_t *)datapointer;datapointer += mod->brushq1.num_lightstyles * sizeof(model_brush_lightstyleinfo_t);
+ mod->brushq1.data_lightstyleinfo = lsidatapointer;lsidatapointer += mod->brushq1.num_lightstyles;
 memcpy(mod->brushq1.data_lightstyleinfo, styleinfo, mod->brushq1.num_lightstyles * sizeof(model_brush_lightstyleinfo_t));
 }
 else
-- 
2.39.2
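Review bot: The rewritten surfacelist line still packs two statements with no space after the semicolon, `...surfacelist = datapointer;datapointer += stylecounts[k];`; since the commit touches the line anyway, splitting it into `styleinfo[mod->brushq1.num_lightstyles].surfacelist = datapointer;` and `datapointer += stylecounts[k];` would match the one-statement-per-line style of the neighbouring lines. The new element-count advance stays inside the int buffer only if the sum of stylecounts[k] over the styles visited here equals the totalstylesurfaces accumulated in the @@ -4966 hunk; the condition of that accumulation loop is outside the hunk, so the equivalence is assumed rather than visible. The enclosing loop over k starts and ends outside the hunk.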
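Review bot: `lsidatapointer += mod->brushq1.num_lightstyles;` looks like a leftover of the old single-buffer bookkeeping: with a dedicated allocation there is nothing after the lightstyleinfo array left to hand out, and if lsidatapointer is not read again below (not visible here) the increment is a dead store. Dropping it leaves `mod->brushq1.data_lightstyleinfo = lsidatapointer;` on its own. The memcpy size stays within the allocation only if num_lightstyles never exceeds the totalstyles used for the allocation in the @@ -4966 hunk, which holds if both count the same non-zero stylecounts entries; that counting code is outside the hunk.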