Projects > cpp > Issues > Bug #4043

We are migrating issue tracker of Cocos2d-x Project to Github, please create new issue there. Thanks.

Create Issue on Github

memmove may move very long buffer in TextureAtlas::insertQuad

Bug #4043 [Closed]
chenbk@foxmail.com 2014-02-15 06:58 . Updated over 10 years ago

unsigned int remaining = (_totalQuads-1) - index;
if( remaining > 0) {
memmove( &_quads[index+1], &_quads[index], sizeof(_quads[0]) * remaining );
}
remaining should define as int or long, or when ((_totalQuads-1) - index) less than 0, remaining may be very big int value, because of type of unsigned int. then result memmove move very long buffer.

file: CCTextureAtlas.cpp
function:
void TextureAtlas::insertQuad(V3F_C4B_T2F_Quad *quad, long index)
{
CCASSERT( index>=0 && index<_capacity, "insertQuadWithTexture: Invalid index");

_totalQuads++;
CCASSERT( _totalQuads <= _capacity, "invalid totalQuads");

//! bug: should define as int or long, or when (_totalQuads-1) - index less than 0, remaining may be very big int value, because of type of unsigned int. then result memmove move very long buffer.
// issue #575. index can be > totalQuads
unsigned int remaining = (_totalQuads-1) - index;

// last object doesn't need to be moved
if( remaining > 0) 
{
    // texture coordinates
    memmove( &_quads[index+1], &_quads[index], sizeof(_quads[0]) * remaining );
}

_quads[index] = *quad;

_dirty = true;

}

walzer@cocos2d-x.org 2014-10-08 02:58

Redmine issue system is closed, we are using github issue system instead.

This issue was moved to https://github.com/cocos2d/cocos2d-x/issues/8341

Atom PDF

Status:Closed
Start date:2014-02-15
Priority:Low
Due date:
Assignee:-
% Done:

0%

Category:-
Target version:-