falso
/
dethrace
mirror of https://github.com/dethrace-labs/dethrace.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix some Address Sanitizer errors (#384) 

* fix some invalid memory accesses
This commit is contained in:
Dethrace Engineering Department 2024-07-10 06:08:35 +12:00 committed by GitHub
parent e3a50e34d1
commit ca1098ad91
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 38 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/DETHRACE/CMakeLists.txt
View File

@ -10,12 +10,13 @@ target_include_directories(dethrace_obj
pd pd
) )
# add_compile_options(-fsanitize=address) if (DETHRACE_ASAN)
# add_link_options(-fsanitize=address) target_compile_options(dethrace_obj PUBLIC -fsanitize=address)
target_link_options(dethrace_obj PUBLIC -fsanitize=address)
endif()
target_link_libraries(dethrace_obj PUBLIC SDL2::SDL2 smackw32 harness BRender::Full BRender::DDI s3) target_link_libraries(dethrace_obj PUBLIC SDL2::SDL2 smackw32 harness BRender::Full BRender::DDI s3)
if(MSVC) if(MSVC)
target_compile_definitions(dethrace_obj PRIVATE -D_CRT_SECURE_NO_WARNINGS) target_compile_definitions(dethrace_obj PRIVATE -D_CRT_SECURE_NO_WARNINGS)
target_compile_options(dethrace_obj PRIVATE target_compile_options(dethrace_obj PRIVATE

28
src/DETHRACE/common/car.c
View File

@ -2769,13 +2769,10 @@ int CollCheck(tCollision_info* c, br_scalar dt) {
br_matrix34 message_mat; br_matrix34 message_mat;
LOG_TRACE("(%p, %f)", c, dt); LOG_TRACE("(%p, %f)", c, dt);
tCar_spec* car_spec; // added for readability
// v34 = 0; // v34 = 0;
// v35 = 0; // v35 = 0;
// v36 = 0x3F800000; // v36 = 0x3F800000;
// v48 = 0x3F800347; // v48 = 0x3F800347;
car_spec = (tCar_spec*)c;
mat = &c->car_master_actor->t.t.mat; mat = &c->car_master_actor->t.t.mat;
oldmat = &c->oldmat; oldmat = &c->oldmat;
k = 0; k = 0;
@ -3040,7 +3037,7 @@ int CollCheck(tCollision_info* c, br_scalar dt) {
BrVector3Set(&normal_force, 0.f, 0.f, 0.f); BrVector3Set(&normal_force, 0.f, 0.f, 0.f);
BrVector3Set(&c->omega, 0.f, 0.f, 0.f); BrVector3Set(&c->omega, 0.f, 0.f, 0.f);
BrVector3Set(&c->oldomega, 0.f, 0.f, 0.f); BrVector3Set(&c->oldomega, 0.f, 0.f, 0.f);
if (c->driver <= eDriver_non_car || car_spec->max_force_rear == 0.0f) { if (c->driver <= eDriver_non_car || CAR(c)->max_force_rear == 0.0f) {
if (c->driver <= eDriver_non_car) { if (c->driver <= eDriver_non_car) {
PipeSingleNonCar(c); PipeSingleNonCar(c);
} }
@ -3060,17 +3057,23 @@ int CollCheck(tCollision_info* c, br_scalar dt) {
} }
BrVector3Accumulate(&c->v, &norm); BrVector3Accumulate(&c->v, &norm);
if (c->driver >= eDriver_net_human) { if (c->driver >= eDriver_net_human) {
BrVector3Scale(&normal_force, &normal_force, gDefensive_powerup_factor[car_spec->power_up_levels[0]]); BrVector3Scale(&normal_force, &normal_force, gDefensive_powerup_factor[CAR(c)->power_up_levels[0]]);
} }
if (c->driver < eDriver_net_human) { if (c->driver < eDriver_net_human) {
BrVector3Scale(&normal_force, &normal_force, 0.01f); BrVector3Scale(&normal_force, &normal_force, 0.01f);
} else { } else {
BrVector3Scale(&normal_force, &normal_force, 0.75f); BrVector3Scale(&normal_force, &normal_force, 0.75f);
} }
if (CAR(c)->invulnerable if (
#if defined(DETHRACE_FIX_BUGS)
// `c` is only a `tCar_spec*` if the driver is an opponent or human, otherwise, it will be a `tNon_car_spec*`. The following code
// assumes `c` is a `tCar_spec*`, causing invalid memory accesses
c->driver >= eDriver_oppo &&
#endif
(CAR(c)->invulnerable
|| (c->driver < eDriver_net_human && (c->driver != eDriver_oppo || PointOutOfSight(&c->pos, 150.0f))) || (c->driver < eDriver_net_human && (c->driver != eDriver_oppo || PointOutOfSight(&c->pos, 150.0f)))
|| ((v_diff = (car_spec->pre_car_col_velocity.v[1] - c->v.v[1]) * gDefensive_powerup_factor[car_spec->power_up_levels[0]]) >= -20.0f) || ((v_diff = (CAR(c)->pre_car_col_velocity.v[1] - c->v.v[1]) * gDefensive_powerup_factor[CAR(c)->power_up_levels[0]]) >= -20.0f)
|| CAR(c)->number_of_wheels_on_ground >= 3) { || CAR(c)->number_of_wheels_on_ground >= 3)) {
CrushAndDamageCar(CAR(c), &dir, &normal_force, NULL); CrushAndDamageCar(CAR(c), &dir, &normal_force, NULL);
} else { } else {
// Cops Special Forces is always stolen if destroyed! // Cops Special Forces is always stolen if destroyed!
@ -3079,6 +3082,12 @@ int CollCheck(tCollision_info* c, br_scalar dt) {
StealCar(CAR(c)); StealCar(CAR(c));
v_diff = v_diff * 5.0f; v_diff = v_diff * 5.0f;
} }
#if defined(DETHRACE_FIX_BUGS)
// `c` is only a `tCar_spec*` if the driver is an opponent or human, otherwise, it will be a `tNon_car_spec*`. The following code
// assumes `c` is a `tCar_spec*`, causing invalid memory accesses
if (c->driver >= eDriver_oppo)
#endif
{
for (i = 0; i < CAR(c)->car_actor_count; i++) { for (i = 0; i < CAR(c)->car_actor_count; i++) {
ts2 = (v_diff + 20.0f) * -0.01f; ts2 = (v_diff + 20.0f) * -0.01f;
TotallySpamTheModel(CAR(c), i, CAR(c)->car_model_actors[i].actor, &CAR(c)->car_model_actors[i].crush_data, ts2); TotallySpamTheModel(CAR(c), i, CAR(c)->car_model_actors[i].actor, &CAR(c)->car_model_actors[i].crush_data, ts2);
@ -3087,6 +3096,7 @@ int CollCheck(tCollision_info* c, br_scalar dt) {
DamageUnit(CAR(c), i, IRandomPosNeg(5) + (v_diff + 20.0f) * -1.5f); DamageUnit(CAR(c), i, IRandomPosNeg(5) + (v_diff + 20.0f) * -1.5f);
} }
} }
}
if (!noise_defeat) { if (!noise_defeat) {
CrashNoise(&norm, &pos, gMaterial_index); CrashNoise(&norm, &pos, gMaterial_index);
ScrapeNoise(batwick_length, &pos, gMaterial_index); ScrapeNoise(batwick_length, &pos, gMaterial_index);
@ -3094,7 +3104,7 @@ int CollCheck(tCollision_info* c, br_scalar dt) {
BrVector3InvScale(&tv, &tv, WORLD_SCALE); BrVector3InvScale(&tv, &tv, WORLD_SCALE);
BrMatrix34ApplyV(&bb, &tv, &c->car_master_actor->t.t.mat); BrMatrix34ApplyV(&bb, &tv, &c->car_master_actor->t.t.mat);
BrMatrix34ApplyV(&norm, &p_vel, &c->car_master_actor->t.t.mat); BrMatrix34ApplyV(&norm, &p_vel, &c->car_master_actor->t.t.mat);
CreateSparks(&pos, &bb, &norm, gCurrent_race.material_modifiers[gMaterial_index].sparkiness, car_spec); CreateSparks(&pos, &bb, &norm, gCurrent_race.material_modifiers[gMaterial_index].sparkiness, CAR(c));
} }
return k; return k;
} else { } else {

9
src/DETHRACE/common/spark.c
View File

@ -2491,6 +2491,13 @@ void MungeSplash(tU32 pTime) {
if (!gAction_replay_mode || GetReplayRate() == 0.0) { if (!gAction_replay_mode || GetReplayRate() == 0.0) {
if (!gAction_replay_mode) { if (!gAction_replay_mode) {
for (i = 0; i < gNum_cars_and_non_cars; i++) { for (i = 0; i < gNum_cars_and_non_cars; i++) {
#if defined(DETHRACE_FIX_BUGS)
// CreateSpash assumes a `tCar_spec*` argument. In the case a non-car is pushed into the water, a `tNon_car_spec*` is passed,
// causing invalid memory accesses
if (gActive_car_list[i]->driver < eDriver_oppo) {
continue;
}
#endif
if (gActive_car_list[i]->water_d != 10000.0 && gActive_car_list[i]->driver != eDriver_local_human) { if (gActive_car_list[i]->water_d != 10000.0 && gActive_car_list[i]->driver != eDriver_local_human) {
CreateSplash(gActive_car_list[i], pTime); CreateSplash(gActive_car_list[i], pTime);
} }
@ -2516,7 +2523,7 @@ void MungeSplash(tU32 pTime) {
} }
} }
if (gProgram_state.current_car.water_d != 10000.0) { if (gProgram_state.current_car.water_d != 10000.0) {
CreateSplash(&gProgram_state.current_car, 0x64u); CreateSplash(&gProgram_state.current_car, 100);
} }
} }
if (!gSplash_flags) { if (!gSplash_flags) {