for (i = 0; nativelist[i].name != 0 && (i < number || number == -1); i++) {
sampgdk_log_debug("Registering native: %s @ %p", nativelist[i].name,
nativelist[i].func);
sampgdk_native_register(nativelist[i].name, nativelist[i].func);
}
I was calling the function with a single native, and number set to 1, but the nativelist[i].name != 0 check is done before the i < number range check. It should be this when not using a sentinel value:
for (i = 0; (i < number || number == -1) && nativelist[i].name != 0; i++) {
sampgdk_log_debug("Registering native: %s @ %p", nativelist[i].name,
nativelist[i].func);
sampgdk_native_register(nativelist[i].name, nativelist[i].func);
}
However, I just checked and the same overflow is in findfunction in the original AMX code.
Edit: Not an overflow, since nothing is written, but still OOB.
I was calling the function with a single native, and
numberset to1, but thenativelist[i].name != 0check is done before thei < numberrange check. It should be this when not using a sentinel value:However, I just checked and the same overflow is in
findfunctionin the original AMX code.Edit: Not an overflow, since nothing is written, but still OOB.