adventuregamestudio / ags

AGS editor and engine source code

New compiler: potential code buffer overflow when compiling certain snippets #2418

Closed ivan-mogilko closed 3 months ago

ivan-mogilko commented 6 months ago

CC @fernewelten

As demonstrated by #2417.

Certain code snippets cause a write or read beyond the valid data in the code buffer. This was never noticed before, because the compiler allocates this buffer with extra capacity, and the offset mistakes are quite small (a few bytes).

Errors occur in functions AGS::ForwardJump::Patch and AGS::BackwardJumpDest::Set.

Specifically, the following tests cause the error:

Bytecode1.Ternary5

        float main()
        { 
            int I1a = 0 ? 10 : 20;
            int I1b = 2 ? 30 : 40;
            int I2a = 0 ?: 50;
            int I2b = 3 ?: 60;
            int I3a = 0 ? I1a : (7 + I1b);
            int I3b = 4 ? I2a : (7 + I2b);
            int I4a = 0 ? 70 : I3a;
            int I4b = 4 ? 80 : I3b;
            int I5a = 0 ? I4a : 90;
            int I5b = 5 ? I4b : 100;
            int I6 = 0 ? : I5a;
            return 0.;
        }

Compile0.Ternary02

        int main()
        {
            return 2 < 1 ? 1 : 2.0;
                    break;
        } 

Compile1.CompileTimeConstant2

        int main() {
            while (1)
            {
                const int CI2 = 4712;
            }
            float CI2;
        }
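To illustrate the failure mode named in the issue (a jump-patching routine writing a few bytes past the end of the emitted code), here is an added example of a bounds-checked bytecode buffer. It is not AGS code: the `CodeBuffer` class, the `Opcode` values, the `PatchForwardJump` routine and the `CompileTernaryShape` helper are all hypothetical names invented for this illustration, and the relative-jump convention (offset measured from the cell after the operand) is an assumption. The point is that the patch routine refuses an operand or target position outside the emitted code instead of relying on spare capacity to absorb the mistake.

```cpp
// Added example, not part of the AGS compiler: a code buffer whose
// jump-patching refuses out-of-range positions rather than writing past
// the valid data. All names here are hypothetical.
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Hypothetical opcode set for this illustration.
enum Opcode : int32_t { OP_NOP = 0, OP_JMP = 1, OP_JZ = 2, OP_RET = 3 };

class CodeBuffer {
public:
    // Append one cell and return its index.
    size_t Emit(int32_t cell) { code_.push_back(cell); return code_.size() - 1; }

    // Emit a jump with a placeholder operand; returns the index of the operand cell.
    size_t EmitJumpPlaceholder(Opcode op) {
        Emit(op);
        return Emit(kUnpatched);
    }

    // Patch a forward jump by writing the relative offset into the operand cell.
    // Returns false when either position lies outside the emitted code, so a
    // bookkeeping mistake surfaces as a compile failure rather than a silent
    // out-of-bounds write (the failure mode described in the issue).
    bool PatchForwardJump(size_t operand_pos, size_t target_pos) {
        if (operand_pos >= code_.size()) return false;      // operand cell must exist
        if (target_pos > code_.size()) return false;        // target may be "next cell to emit"
        if (code_[operand_pos] != kUnpatched) return false; // never patch twice
        // Assumed convention: offset is relative to the cell after the operand.
        code_[operand_pos] = static_cast<int32_t>(target_pos) -
                             static_cast<int32_t>(operand_pos + 1);
        return true;
    }

    // Bounds-checked read; throws instead of reading beyond the buffer.
    int32_t At(size_t pos) const {
        if (pos >= code_.size()) throw std::out_of_range("read beyond code buffer");
        return code_[pos];
    }
    size_t Size() const { return code_.size(); }

private:
    static constexpr int32_t kUnpatched = INT32_MIN;
    std::vector<int32_t> code_;
};

// Emit the shape of `cond ? a : b`:
//   JZ  <to else>
//   <then body>
//   JMP <to end>
//   <else body>
//   RET
// Both forward jumps are patched once their targets are known.
CodeBuffer CompileTernaryShape() {
    CodeBuffer cb;
    size_t jz_operand = cb.EmitJumpPlaceholder(OP_JZ);   // cells 0,1
    cb.Emit(OP_NOP);                                      // cell 2: "then" body
    size_t jmp_operand = cb.EmitJumpPlaceholder(OP_JMP);  // cells 3,4
    size_t else_start = cb.Size();                        // 5
    cb.Emit(OP_NOP);                                      // cell 5: "else" body
    size_t end = cb.Size();                               // 6
    if (!cb.PatchForwardJump(jz_operand, else_start)) throw std::logic_error("bad JZ patch");
    if (!cb.PatchForwardJump(jmp_operand, end)) throw std::logic_error("bad JMP patch");
    cb.Emit(OP_RET);                                      // cell 6
    return cb;
}

// Demonstrates that an out-of-range patch is rejected and an out-of-range
// read throws, instead of touching memory past the emitted code.
bool RejectsOutOfRangeAccess() {
    CodeBuffer cb;
    cb.Emit(OP_NOP);
    bool patch_rejected = !cb.PatchForwardJump(5, 0);   // operand cell 5 does not exist
    bool read_threw = false;
    try { cb.At(3); } catch (const std::out_of_range&) { read_threw = true; }
    return patch_rejected && read_threw;
}
```

With these checks in place, a miscomputed operand or target position fails the compile loudly; the extra capacity the issue mentions then only ever serves as headroom for growth, never as a place where stray writes quietly land.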

fernewelten commented 3 months ago

Oops … I'm just seeing this. I'm onto it. I was just going to report that the compiler is failing its googletests; this issue is the reason for that.

ivan-mogilko commented 3 months ago

Fixed by #2510