QVM out-of-bounds memory access #358
Comments
in addition, fixed regressions:
For reference, this is how I implemented the same idea in JK2MV: https://github.com/mvdevs/jk2mv/blob/master/src/qcommon/qcommon.h#L359-L372 Probably not all of these helper functions would be needed in ioq3. At first sight the main difference seems to be that it also sanitizes reads. I can port it to ioq3 if you're interested, but it would be nice to get an extra review before doing so (it has been out in jk2mv since June last year and no reports so far).
This is being worked on in #441.
The system call handlers don't validate the memory addresses / lengths passed to memset, memcpy, and many other system calls. Reported by @mickael9 and also recently fixed in a quake3e commit.
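The kind of range check the issue says is missing, as an added example; this is not code from ioquake3, quake3e or JK2MV. The sandbox layout and the names `guest_vm`, `guest_range`, `sys_memset`, `sys_memcpy` and `demo_rejected` are assumptions made for illustration, and the copy handler checks the source range as well as the destination, in line with the comment above about sanitizing reads.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical sandbox: guest addresses are offsets into data[0..size). */
typedef struct { uint8_t *data; size_t size; } guest_vm;

/* Host pointer for guest range [addr, addr+len), or NULL if any part of
   the range lies outside the guest data segment. */
static void *guest_range(const guest_vm *vm, uint32_t addr, uint32_t len)
{
    /* Compare against size - addr so that addr + len can never wrap. */
    if (addr > vm->size || len > vm->size - addr)
        return NULL;
    return vm->data + addr;
}

/* memset system call: 0 on success, -1 if the guest range is rejected. */
int sys_memset(guest_vm *vm, uint32_t dst, int c, uint32_t len)
{
    void *p = guest_range(vm, dst, len);
    if (!p) return -1;
    memset(p, c, len);
    return 0;
}

/* memcpy system call: both the written and the read range are checked. */
int sys_memcpy(guest_vm *vm, uint32_t dst, uint32_t src, uint32_t len)
{
    void *d = guest_range(vm, dst, len);
    const void *s = guest_range(vm, src, len);
    if (!d || !s) return -1;
    memmove(d, s, len);               /* guest ranges may overlap */
    return 0;
}

/* Constructed demo: a 64-byte guest segment inside a 96-byte host buffer.
   Returns the number of rejected calls, or -1 if host memory changed. */
int demo_rejected(void)
{
    static uint8_t host[96];
    guest_vm vm = { host + 16, 64 };
    int rejected = 0;
    memset(host, 0xAA, sizeof host);
    rejected += sys_memset(&vm, 60, 0, 8) < 0;           /* 4 bytes past end */
    rejected += sys_memset(&vm, 0xFFFFFFF0u, 0, 32) < 0; /* wraps in 32 bits */
    rejected += sys_memcpy(&vm, 0, 48, 32) < 0;          /* read past end */
    rejected += sys_memset(&vm, 56, 0, 8) < 0;           /* fits exactly */
    return (host[15] == 0xAA && host[80] == 0xAA) ? rejected : -1;
}
```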