GBA Video: Fix mode 2 out-of-bounds VRAM crash
Vicki Pfau vi@endrift.com
Fri, 17 Jul 2020 14:45:08 -0700
2 files changed, 7 insertions(+), 1 deletions(-)
M
CHANGES
→
CHANGES
@@ -13,6 +13,7 @@ - DS GX: Fix incorrect W values
- DS Video: Fix 2D/3D blending alpha values - DS I/O: Enable POWCNT1 bit 1 at boot (fixes mgba.io/i/616) - DS Slot-1: Reply to IR 0x08 command properly (fixes mgba.io/i/666) + - GBA Video: Fix mode 2 out-of-bounds VRAM crash Misc: - DS GX: Clean up and unify texture mapping - DS Core: Add symbol loading
M
src/gba/renderers/software-bg.c
→
src/gba/renderers/software-bg.c
@@ -33,7 +33,12 @@
#define MODE_2_NO_MOSAIC(COORD) \ COORD \ uint32_t screenBase = background->screenBase + (localX >> 11) + (((localY >> 7) & 0x7F0) << background->size); \ - mapData = ((uint8_t*) renderer->d.vramBG[screenBase >> VRAM_BLOCK_OFFSET])[screenBase & VRAM_BLOCK_MASK]; \ + uint8_t* screenBlock = (uint8_t*) renderer->d.vramBG[screenBase >> VRAM_BLOCK_OFFSET]; \ + if (UNLIKELY(!screenBlock)) { \ + mapData = 0; \ + } else { \ + mapData = screenBlock[screenBase & VRAM_BLOCK_MASK]; \ + } \ uint32_t charBase = background->charBase + (mapData << 6) + ((localY & 0x700) >> 5) + ((localX & 0x700) >> 8); \ pixelData = ((uint8_t*) renderer->d.vramBG[charBase >> VRAM_BLOCK_OFFSET])[charBase & VRAM_BLOCK_MASK]; \
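Review bot: in the MODE_2_NO_MOSAIC hunk of src/gba/renderers/software-bg.c, the pixelData read on the last context line still indexes `renderer->d.vramBG[charBase >> VRAM_BLOCK_OFFSET]` with no NULL check, so only the screenBase lookup is guarded. charBase is derived from `background->charBase + (mapData << 6) + ...`, and if its block pointer can be NULL in the same way screenBlock can, that dereference fails just as the old mapData read did. Consider applying the same `UNLIKELY(!block)` guard there with `pixelData = 0`, or add a comment explaining why the character block is always mapped. A one-line comment on the new branch would also help, since `mapData = 0` silently selects tile 0 when the screen block is unmapped.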