summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrubidium <rubidium@openttd.org>2007-08-08 14:18:05 +0000
committerrubidium <rubidium@openttd.org>2007-08-08 14:18:05 +0000
commit807b833e4d82c7fc2d19e65d4f13f041f4669844 (patch)
tree32b3276163df37c85cde3a07886f5ab0be76ea08
parenta973c893fbcde83fe4e269f609e9dae27bf17e9e (diff)
downloadopenttd-807b833e4d82c7fc2d19e65d4f13f041f4669844.tar.xz
(svn r10827) -Fix [FS#1112]: out of bounds access in corner case of list allocations of vehicles.
-rw-r--r--src/oldpool.h36
1 files changed, 25 insertions, 11 deletions
diff --git a/src/oldpool.h b/src/oldpool.h
index caeabccab..9f79d632e 100644
--- a/src/oldpool.h
+++ b/src/oldpool.h
@@ -234,22 +234,14 @@ struct PoolItem {
return false;
}
-protected:
- /**
- * Allocate a pool item; possibly allocate a new block in the pool.
- * @return the allocated pool item (or NULL when the pool is full).
- */
- static inline T *AllocateRaw()
- {
- return AllocateRaw(Tpool->first_free_index);
- }
-
+private:
/**
* Allocate a pool item; possibly allocate a new block in the pool.
* @param first the first pool item to start searching
+ * @pre first <= Tpool->GetSize()
* @return the allocated pool item (or NULL when the pool is full).
*/
- static inline T *AllocateRaw(uint &first)
+ static inline T *AllocateSafeRaw(uint &first)
{
uint last_minus_one = Tpool->GetSize() - 1;
@@ -270,6 +262,28 @@ protected:
return NULL;
}
+protected:
+ /**
+ * Allocate a pool item; possibly allocate a new block in the pool.
+ * @return the allocated pool item (or NULL when the pool is full).
+ */
+ static inline T *AllocateRaw()
+ {
+ return AllocateSafeRaw(Tpool->first_free_index);
+ }
+
+ /**
+ * Allocate a pool item; possibly allocate a new block in the pool.
+ * @param first the first pool item to start searching
+ * @return the allocated pool item (or NULL when the pool is full).
+ */
+ static inline T *AllocateRaw(uint &first)
+ {
+ if (first >= Tpool->GetSize() && !Tpool->AddBlockToPool()) return NULL;
+
+ return AllocateSafeRaw(first);
+ }
+
/**
* Are we cleaning this pool?
* @return true if we are