From e8e72db32f405ef8814e39c6f1fbca37430e2ff8 Mon Sep 17 00:00:00 2001 From: Alug Date: Sun, 19 Oct 2025 20:38:22 +0200 Subject: [PATCH] fix columnbuf crashes -our buffered uhh buffer needs to be only advanced per column not per screenwidth, caused the buffer to advance beyond its boundaries -brightmap drawers get the DC_DIRECT flag to make sure they never attempt to draw buffered removed tempbuffer alignment for now as reported by ubsan --- src/r_defs.h | 2 +- src/r_draw.cpp | 10 ---------- src/r_draw_column.cpp | 20 +++++++++----------- src/r_things.cpp | 4 ++-- 4 files changed, 12 insertions(+), 24 deletions(-)
diff --git a/src/r_defs.h b/src/r_defs.h
index 758438616..1aac18eb3 100644
--- a/src/r_defs.h
+++ b/src/r_defs.h
@@ -906,7 +906,7 @@ struct rotsprite_t // Patches are used for sprites and all masked pictures, and we compose // textures from the TEXTURES list of patches. // -typedef enum +typedef enum { PATCHALIGN_AUTOCENTER = 1<<0, PATCHALIGN_USEPIVOTS = 1<<1,
diff --git a/src/r_draw.cpp b/src/r_draw.cpp
index 1cffcf8a8..e8cfde488 100644
--- a/src/r_draw.cpp
+++ b/src/r_draw.cpp
@@ -546,22 +546,12 @@ void R_InitViewBuffer(INT32 width, INT32 height) if (temp_dc.buf) { -#if defined(__SSE__) - aligned_free(temp_dc.buf); -#else Z_Free(temp_dc.buf); -#endif } memset(&temp_dc, 0, sizeof(temp_dc)); -#if defined(__SSE__) - while (bufsize & 15) - bufsize++; - temp_dc.buf = static_cast(aligned_alloc(16, bufsize)); -#else temp_dc.buf = static_cast(Z_Calloc(bufsize, PU_STATIC, NULL)); -#endif linesize = vid.width; // killough 11/98 renderscreen = vid.screens[0]; // haleyjd 07/02/14
diff --git a/src/r_draw_column.cpp b/src/r_draw_column.cpp
index 8a8a6ed3c..f6f1085c7 100644
--- a/src/r_draw_column.cpp
+++ b/src/r_draw_column.cpp
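Review bot: `temp_dc.buf` loses the 16-byte alignment that `aligned_alloc(16, bufsize)` gave it in R_InitViewBuffer (src/r_draw.cpp) now that it always comes from `Z_Calloc(bufsize, PU_STATIC, NULL)`, and nothing in the new code records that. If any drawer or flush routine elsewhere still performs aligned SSE loads or stores on this buffer (not visible in this hunk), that access would now be undefined, so it is worth confirming before merge. I would add a comment above the allocation such as `// temp_dc.buf is no longer 16-byte aligned; only unaligned access is valid on it`. The computation of bufsize and the rest of the function lie outside the hunk.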
@@ -96,14 +96,8 @@ FUNCINLINE static ATTRINLINE constexpr UINT8 R_DrawColumnPixel(drawcolumndata_t* } } - if constexpr (Type & DrawColumnType::DC_DIRECT) - { // if we dont buffer our columns, we need to handle translucency again - return R_GetColumnTranslucent(dc, dest, bit, col); - } - else - { - return R_GetColumnTranslated(dc, col); - } + // if we dont buffer our columns, we need to handle translucency again + return R_GetColumnTranslucent(dc, dest, bit, col); } /** \brief The R_DrawColumn function
@@ -115,7 +109,6 @@ static void R_DrawColumnTemplate(drawcolumndata_t *dc) INT32 count; UINT8 *dest; const INT32 vidheight = vid.height; - const INT32 vidwidth = vid.width; // leban 1/17/99: // removed the + 1 here, adjusted the if test, and added an increment
@@ -134,7 +127,7 @@ static void R_DrawColumnTemplate(drawcolumndata_t *dc) return; } - if ((unsigned)dc->x >= (unsigned)vidwidth || dc->yl < 0 || dc->yh >= vidheight) + if ((unsigned)dc->x >= (unsigned)vid.width || dc->yl < 0 || dc->yh >= vidheight) { return; }
@@ -247,6 +240,11 @@ static void R_DrawColumnTemplate(drawcolumndata_t *dc) else dest = R_GetBufferOpaque(dc); + INT32 vidwidth = 8; //SoM: Oh, Oh it's MAGIC! You know... + + if constexpr (Type & DrawColumnType::DC_DIRECT) + vidwidth = vid.width; + count++; // Determine scaling, which is the only mapping to be done.
@@ -367,7 +365,7 @@ static void R_DrawColumnTemplate(drawcolumndata_t *dc) #define DEFINE_COLUMN_COMBO(name, flags) \ DEFINE_COLUMN_FUNC(name, flags) \ - DEFINE_COLUMN_FUNC(name ## _Brightmap, flags|DC_BRIGHTMAP) + DEFINE_COLUMN_FUNC(name ## _Brightmap, flags|DC_DIRECT|DC_BRIGHTMAP) DEFINE_COLUMN_COMBO(R_DrawColumn, DC_DIRECT|DC_BASIC) DEFINE_COLUMN_COMBO(R_DrawTranslucentColumn, DC_DIRECT|DC_TRANSMAP)
diff --git a/src/r_things.cpp b/src/r_things.cpp
index 66ef4eeca..e4a420918 100644
--- a/src/r_things.cpp
+++ b/src/r_things.cpp
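Review bot: The comment kept at the end of R_DrawColumnPixel, `// if we dont buffer our columns, we need to handle translucency again`, no longer matches the code, because the `if constexpr (Type & DrawColumnType::DC_DIRECT)` branch is gone and `R_GetColumnTranslucent(dc, dest, bit, col)` now runs for every instantiation. If a non-DC_DIRECT instantiation still exists, `dest` would presumably point into the temporary column buffer rather than the screen, so it should be stated whether reading from it for blending is intended. I would reword the comment to something like `// translucency is always resolved here, whether or not the column is buffered`. The start of the function lies outside the hunk.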
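Review bot: The buffered stride is a bare literal in `INT32 vidwidth = 8;`, and it is the value that keeps `dest` inside the temporary buffer, so it has to agree with the column count that R_GetBufferOpaque and the bufsize computation in R_InitViewBuffer assume (neither is visible here). A shared named constant would stop the two from drifting apart and reintroducing the out-of-bounds advance the commit message describes; the name `vidwidth` is also misleading now that it holds a destination stride. For example `const INT32 deststride = (Type & DrawColumnType::DC_DIRECT) ? vid.width : COLUMNBUF_STRIDE;`, where `COLUMNBUF_STRIDE` is a placeholder for whatever constant the buffer code defines. R_DrawColumnTemplate starts and ends outside the hunk, so the later uses of `vidwidth` would need the same rename.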
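Review bot: The rule that brightmap drawers must never draw buffered is enforced only by the `flags|DC_DIRECT|DC_BRIGHTMAP` spelling inside DEFINE_COLUMN_COMBO, so a brightmap drawer defined directly through DEFINE_COLUMN_FUNC would silently miss it. A compile-time check inside R_DrawColumnTemplate would make the invariant hold whichever macro is used, e.g. `static_assert(!(Type & DrawColumnType::DC_BRIGHTMAP) || (Type & DrawColumnType::DC_DIRECT), "brightmap drawers must be DC_DIRECT");`. This assumes DC_BRIGHTMAP is an enumerator of DrawColumnType like DC_DIRECT, which the hunk suggests but does not show. Both combos visible below the macro already pass DC_DIRECT, so the added flag is redundant for them.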
@@ -867,9 +867,9 @@ UINT8 *R_GetSpriteTranslation(vissprite_t *vis) if (vis->mobj->color) { // New colormap stuff for skins Tails 06-07-2002 - + if (!(vis->cut & SC_PRECIP) && vis->mobj->colorized) - { + { return R_GetTranslationColormap(R_IsOverlayingInvinciblePlayer(vis->mobj) ? TC_BLINK : TC_RAINBOW, static_cast(vis->mobj->color), GTC_CACHE);