From 98d8ab338e1a662966bebad95fdd8c07cecbe070 Mon Sep 17 00:00:00 2001
From: Iru Cai
Date: Tue, 28 Aug 2018 11:29:58 +0800
Subject: allocate_some_struct
---
 csrc/buggy_func.c | 36 ------------------------------------
 csrc/data_struct.c | 38 ++++++++++++++++++++++++++++++++++++++
 csrc/data_struct.h | 11 +++++++++++
 3 files changed, 49 insertions(+), 36 deletions(-)
 delete mode 100644 csrc/buggy_func.c
 create mode 100644 csrc/data_struct.c
 create mode 100644 csrc/data_struct.h
diff --git a/csrc/buggy_func.c b/csrc/buggy_func.c
deleted file mode 100644
index a963b33..0000000
--- a/csrc/buggy_func.c
+++ /dev/null
@@ -1,36 +0,0 @@
-struct st
-{
- int16_t f0;
- int16_t f2;
- int16_t f4;
- int16_t f6;
- int16_t * f8;
- int16_t data[0];
-};
-
-static inline mem_copy_words(void *dst, void *src, size_t n)
-{
- memcpy(dst, src, n*2);
-}
-
-int fcn_00451a97(struct st *a1, struct st *a2, int a3, int a4, int a5, int a6)
-{
- if (a2 == NULL) {
- a2 = malloc(a5 * a6 * 2 + 12);
- }
-
- a2->f0 = a5; /* number of words(16b) per block? */
- a2->f2 = a6; /* number of blocks? */
- a2->f4 = a2->f6 = 0;
- a2->f8 = a2->data;
-
- int16_t *ebx = &a1->f8[a1->f0 * a4 + a3];
- int16_t *esi = a2->f8;
-
- for (int i = 0; i < a6; i++) {
- mem_copy_words(esi, ebx, a5); /* copy a5 words(16b) from ebx to esi */
- esi = &esi[a5];
- ebx = &ebx[a1->f0];
- }
- return a2;
-}
diff --git a/csrc/data_struct.c b/csrc/data_struct.c
new file mode 100644
index 0000000..53d8cd3
--- /dev/null
+++ b/csrc/data_struct.c
@@ -0,0 +1,38 @@
+static inline mem_copy_words(void *dst, void *src, size_t n)
+{
+ memcpy(dst, src, n*2);
+}
+
+struct st * allocate_some_struct(int a1, int a2, int a3, int a4)
+{
+ struct st * newst = (struct st *)malloc(a1 * a2 * 2 + 12);
+ newst->f0 = a1;
+ newst->f2 = a2;
+ newst->f4 = a3;
+ newst->f6 = a4;
+ newst->f8 = newst->data;
+}
+
+/* this function looks buggy and can crash the game */
+
+struct st * fcn_00451a97(struct st *a1, struct st *a2, int a3, int a4, int a5, int a6)
+{
+ if (a2 == NULL) {
+ a2 = malloc(a5 * a6 * 2 + 12);
+ }
+
+ a2->f0 = a5; /* number of words(16b) per block? */
+ a2->f2 = a6; /* number of blocks? */
+ a2->f4 = a2->f6 = 0;
+ a2->f8 = a2->data;
+
+ int16_t *ebx = &a1->f8[a1->f0 * a4 + a3];
+ int16_t *esi = a2->f8;
+
+ for (int i = 0; i < a6; i++) {
+ mem_copy_words(esi, ebx, a5); /* copy a5 words(16b) from ebx to esi */
+ esi = &esi[a5];
+ ebx = &ebx[a1->f0];
+ }
+ return a2;
+}
diff --git a/csrc/data_struct.h b/csrc/data_struct.h
new file mode 100644
index 0000000..2fa06e9
--- /dev/null
+++ b/csrc/data_struct.h
@@ -0,0 +1,11 @@
+struct st
+{
+ int16_t f0;
+ int16_t f2;
+ int16_t f4;
+ int16_t f6;
+ int16_t * f8;
+ int16_t data[0];
+};
+
+struct st * allocate_some_struct(int a1, int a2, int a3, int a4);
--
cgit v1.2.3
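Review bot: `allocate_some_struct` is declared to return `struct st *` but its body ends after `newst->f8 = newst->data;` with no return statement, so every caller receives an indeterminate pointer (undefined behaviour); the last line should be `return newst;`. The `malloc` result on the line before is written through unchecked, as is the one inside `fcn_00451a97`; adding `if (newst == NULL) return NULL;` before the field writes lets an allocation failure reach the caller instead of becoming a write through a null pointer. `mem_copy_words` has no return type, which is an implicit-int declaration that C99 and later reject; it should read `static inline void mem_copy_words(void *dst, void *src, size_t n)`, and the `(struct st *)` cast on malloc is unnecessary in C.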
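Review bot: The new header uses `int16_t` without including `<stdint.h>` and has no include guard, so whether it compiles depends on what the including file pulled in first, and a second inclusion redefines `struct st`; open it with `#pragma once` (or an `#ifndef` guard) followed by `#include <stdint.h>`. `int16_t data[0];` is a zero-length array, a GNU extension; the C99 flexible array member `int16_t data[];` has the same layout and is standard, unless the project deliberately mirrors a specific compiler's output for the original binary. With a 4-byte pointer `sizeof(struct st)` is 12, which appears to be where the hard-coded `+ 12` in `allocate_some_struct` and `fcn_00451a97` comes from; on a 64-bit build the struct is larger and those allocations would under-size the header, so `sizeof(struct st)` is the safer expression there.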