From 1769b418df9e1d461d050db426d59378d245373d Mon Sep 17 00:00:00 2001 From: James R Date: Mon, 29 Jan 2024 02:26:13 -0800 Subject: [PATCH] Replays: reserve 1 KB of space at end of buffer as a safeguard This should avoid buffer overruns in the middle of recording. There is already code that checks for buffer size around ticcmd and ghost data write. Demo header is still unsafe with many WAD filenames written, for example. Ghost data and ticcmd should not come close to reaching into this extra space. At the time of writing, ghost data can write up to 102 bytes and ticcmd 20 bytes, per player. --- src/g_demo.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/g_demo.c b/src/g_demo.c index dc3682000..b46970c90 100644 --- a/src/g_demo.c +++ b/src/g_demo.c @@ -2114,6 +2114,20 @@ void G_RecordDemo(const char *name) demo.recording = true; demo.buffer = &demobuf; + + /* FIXME: This whole file is in a wretched state. Take a + look at G_WriteAllGhostTics and G_WriteDemoTiccmd, they + write a lot of data. It's not realistic to refactor that + code in order to know exactly HOW MANY bytes it can write + out. So here's the deal. Reserve a decent block of memory + at the end of the buffer and never use it. Those bastard + functions will check if they overran the buffer, but it + should be safe enough because they'll think there's less + memory than there actually is and stop early. */ + const size_t deadspace = 1024; + I_Assert(demobuf.size > deadspace); + demobuf.size -= deadspace; + demobuf.end -= deadspace; } void G_RecordMetal(void)
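Review bot: The `I_Assert(demobuf.size > deadspace)` guard at the end of the added block is the only thing that keeps `demobuf.size -= deadspace` and `demobuf.end -= deadspace` from moving past the start of the buffer. If `I_Assert` is compiled out in release builds, a buffer of 1024 bytes or less would leave `end` pointing before the data and `size` wrapped or negative, and the later overrun checks would then compare against a bogus limit. A runtime check that refuses to start recording would be safer than an assert here. Separately, `deadspace = 1024` is a bare constant. Going by the commit message's figures (102 bytes of ghost data plus 20 bytes of ticcmd per player), it covers 8 players' worth of one tic (976 bytes), so consider deriving it from the maximum player count times the per-player worst case. The comment should also say that the demo header write is not protected by this reserve, as the commit message already admits.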