Fix for Chessbox bug FS#10363

Chessbox was overflowing GameList[240] causing the board to flip + crash GameCnt changed to unsigned char which allows the array to roll over to 0 after 255 define MAX_GAME_CNT 256 and GameList[MAX_GAME_CNT] along with 1 byte GameCnt should fix this issue dbg save routine left in for now to help identify any other problems Added bounds checking to prevent second bug found when loading .pgn files Change-Id: I2b615c8ecbed4368724412f80ce07346f3cf30a7
author: William Wilgus <me.theuser@yahoo.com> 2017-01-31 04:28:02 +0100
committer: William Wilgus <me.theuser@yahoo.com> 2017-02-01 01:33:48 +0100
commit: 1fa7c5635184e3a8c16b696a658c027fcc0862d8 (patch)
tree: debeb03ca2da9a20ccfae5ece4fc512847046014 /apps/plugins/chessbox/chessbox.c
parent: 37522ec63ae8fd2f88a66ed3d7020ebe95e9980e (diff)
download: rockbox-1fa7c5635184e3a8c16b696a658c027fcc0862d8.tar.gz
rockbox-1fa7c5635184e3a8c16b696a658c027fcc0862d8.zip
1 files changed, 108 insertions, 4 deletions
diff --git a/apps/plugins/chessbox/chessbox.c b/apps/plugins/chessbox/chessbox.c
index 86ca5a355e..7d42b72c1b 100644
--- a/apps/plugins/chessbox/chessbox.c
+++ b/apps/plugins/chessbox/chessbox.c
@@ -26,8 +26,7 @@
 #if (MEMORYSIZE > 8) /* Lowmem doesn't have playback in chessbox */
 #define HAVE_PLAYBACK_CONTROL
 #endif
+/*#define CHESSBOX_SAVE_FILE_DBG  PLUGIN_GAMES_DATA_DIR "/chessbox_dbg.save"*/
 #ifdef HAVE_PLAYBACK_CONTROL
 #include "lib/playback_control.h"
 #endif
@@ -265,12 +264,117 @@ static void cb_levelup ( void ) {
    rb->splash ( HZ/2 , level_string[Level-1] );
 };
+#ifdef CHESSBOX_SAVE_FILE_DBG
+/* Save a debug file with names, variables, and sizes */
+static void cb_saveposition_dbg ( void )
+{
+    int fd;
+    short sq,i,c;
+    unsigned short temp;
+    char buf[32]="\0";
+    int ch_ct = 0;
+    rb->splash ( 0 , "Saving debug" );
+    fd = rb->open(CHESSBOX_SAVE_FILE_DBG, O_WRONLY|O_CREAT, 0666);
+    ch_ct = rb->snprintf(buf,31,"computer = %d, %d bytes\n",computer+1,
+                                                        sizeof(computer));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"opponent = %d, %d bytes\n",opponent+1,
+                                                        sizeof(opponent));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"Game50 = %d, %d bytes\n",Game50,
+                                                      sizeof(Game50));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"CastldWht = %d, %d bytes\n",castld[white],
+                                                      sizeof(castld[white]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"CastldBlk = %d, %d bytes\n",castld[black],
+                                                      sizeof(castld[black]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"KngMovedWht = %d, %d bytes\n",kingmoved[white],
+                                                      sizeof(kingmoved[white]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"KngMovedBlk = %d, %d bytes\n",kingmoved[black],
+                                                      sizeof(kingmoved[black]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"WithBook = %d, %d bytes\n",withbook,
+                                                      sizeof(withbook));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"Lvl = %ld, %d bytes\n",Level,
+                                                      sizeof(Level));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"TCflag = %d, %d bytes\n",TCflag,
+                                                      sizeof(TCflag));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"OpTime = %d, %d bytes\n",OperatorTime,
+                                                      sizeof(OperatorTime));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"TmCtlClkWht = %ld, %d bytes\n",
+                    TimeControl.clock[white], sizeof(TimeControl.clock[white]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"TmCtlClkBlk = %ld, %d bytes\n",
+                    TimeControl.clock[black],  sizeof(TimeControl.clock[black]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"TmCtlMovesWht = %d, %d bytes\n",
+                   TimeControl.moves[white],  sizeof(TimeControl.moves[white]));
+    rb->write(fd, buf, ch_ct);
+    ch_ct = rb->snprintf(buf,31,"TmCtlMovesBlk = %d, %d bytes\n",
+                   TimeControl.moves[black],  sizeof(TimeControl.moves[black]));
+    rb->write(fd, buf, ch_ct);
+    for (sq = 0; sq < 64; sq++) {
+        if (color[sq] == neutral) c = 0; else c = color[sq]+1;
+        temp = 256*board[sq] + c ;
+        ch_ct = rb->snprintf(buf,31,"sq %02d = %d, %d bytes\n",sq, temp,
+                                                      sizeof(temp));
+        rb->write(fd, buf, ch_ct);
+    }
+    for (i = 0; i <= GameCnt; i++) {
+        ch_ct = rb->snprintf(buf,31,"GameCt %d, %d bytes\n",i,
+                                                      sizeof(GameCnt));
+        rb->write(fd, buf, ch_ct);
+        if (GameList[i].color == neutral)
+        {
+            c = 0;
+            ch_ct = rb->snprintf(buf,31,"color = %d, %d bytes\n",c,
+                                                            sizeof(c));
+            rb->write(fd, buf, ch_ct);
+        }
+        else
+            c = GameList[i].color + 1;
+        ch_ct = rb->snprintf(buf,31,"gmove = %d, %d bytes\n",GameList[i].gmove,
+                                                      sizeof(GameList[i].gmove));
+        rb->write(fd, buf, ch_ct);
+        ch_ct = rb->snprintf(buf,31,"score = %d, %d bytes\n",GameList[i].score,
+                                                      sizeof(GameList[i].score));
+        rb->write(fd, buf, ch_ct);
+        ch_ct = rb->snprintf(buf,31,"depth = %d, %d bytes\n",GameList[i].depth,
+                                                      sizeof(GameList[i].depth));
+        rb->write(fd, buf, ch_ct);
+        ch_ct = rb->snprintf(buf,31,"nodes = %ld, %d bytes\n",GameList[i].nodes,
+                                                      sizeof(GameList[i].nodes));
+        rb->write(fd, buf, ch_ct);
+        ch_ct = rb->snprintf(buf,31,"time = %d, %d bytes\n",GameList[i].time,
+                                                      sizeof(GameList[i].time));
+        rb->write(fd, buf, ch_ct);
+        ch_ct = rb->snprintf(buf,31,"piece = %d, %d bytes\n",GameList[i].piece,
+                                                     sizeof(GameList[i].piece));
+        rb->write(fd, buf, ch_ct);
+        ch_ct = rb->snprintf(buf,31,"color = %d, %d bytes\n",c,sizeof(c));
+        rb->write(fd, buf, ch_ct);
+    }
+    rb->close(fd);
+}
+#endif
 /* ---- Save current position ---- */
 static void cb_saveposition ( void ) {
    int fd;
    short sq,i,c;
    unsigned short temp;
+#ifdef CHESSBOX_SAVE_FILE_DBG
+    cb_saveposition_dbg();
+#endif
    rb->splash ( 0 , "Saving position" );
    fd = rb->open(SAVE_FILE, O_WRONLY|O_CREAT, 0666);
@@ -356,7 +460,7 @@ static void cb_restoreposition ( void ) {
            else
                --color[sq];
        }
-        GameCnt = -1;
+        GameCnt = MAX_GAME_CNT - 1; /*uchar rollsover to 0 after 255*/
        while (rb->read(fd, &(GameList[++GameCnt].gmove),
                        sizeof(GameList[GameCnt].gmove)) > 0) {
            rb->read(fd, &(GameList[GameCnt].score),
author	William Wilgus <me.theuser@yahoo.com>	2017-01-31 04:28:02 +0100
committer	William Wilgus <me.theuser@yahoo.com>	2017-02-01 01:33:48 +0100
commit	1fa7c5635184e3a8c16b696a658c027fcc0862d8 (patch)
tree	debeb03ca2da9a20ccfae5ece4fc512847046014 /apps/plugins/chessbox/chessbox.c
parent	37522ec63ae8fd2f88a66ed3d7020ebe95e9980e (diff)
download	rockbox-1fa7c5635184e3a8c16b696a658c027fcc0862d8.tar.gz rockbox-1fa7c5635184e3a8c16b696a658c027fcc0862d8.zip

diff --git a/apps/plugins/chessbox/chessbox.c b/apps/plugins/chessbox/chessbox.c index 86ca5a355e..7d42b72c1b 100644 --- a/apps/plugins/chessbox/chessbox.c +++ b/apps/plugins/chessbox/chessbox.c
@@ -26,8 +26,7 @@
26	#if (MEMORYSIZE > 8) /* Lowmem doesn't have playback in chessbox */	26	#if (MEMORYSIZE > 8) /* Lowmem doesn't have playback in chessbox */
27	#define HAVE_PLAYBACK_CONTROL	27	#define HAVE_PLAYBACK_CONTROL
28	#endif	28	#endif
29		29	/#define CHESSBOX_SAVE_FILE_DBG PLUGIN_GAMES_DATA_DIR "/chessbox_dbg.save"/
30
31	#ifdef HAVE_PLAYBACK_CONTROL	30	#ifdef HAVE_PLAYBACK_CONTROL
32	#include "lib/playback_control.h"	31	#include "lib/playback_control.h"
33	#endif	32	#endif
@@ -265,12 +264,117 @@ static void cb_levelup ( void ) {
265	rb->splash ( HZ/2 , level_string[Level-1] );	264	rb->splash ( HZ/2 , level_string[Level-1] );
266	};	265	};
267		266
		267	#ifdef CHESSBOX_SAVE_FILE_DBG
		268	/* Save a debug file with names, variables, and sizes */
		269	static void cb_saveposition_dbg ( void )
		270	{
		271	int fd;
		272	short sq,i,c;
		273	unsigned short temp;
		274	char buf[32]="\0";
		275	int ch_ct = 0;
		276
		277	rb->splash ( 0 , "Saving debug" );
		278	fd = rb->open(CHESSBOX_SAVE_FILE_DBG, O_WRONLY\|O_CREAT, 0666);
		279	ch_ct = rb->snprintf(buf,31,"computer = %d, %d bytes\n",computer+1,
		280	sizeof(computer));
		281	rb->write(fd, buf, ch_ct);
		282	ch_ct = rb->snprintf(buf,31,"opponent = %d, %d bytes\n",opponent+1,
		283	sizeof(opponent));
		284	rb->write(fd, buf, ch_ct);
		285	ch_ct = rb->snprintf(buf,31,"Game50 = %d, %d bytes\n",Game50,
		286	sizeof(Game50));
		287	rb->write(fd, buf, ch_ct);
		288	ch_ct = rb->snprintf(buf,31,"CastldWht = %d, %d bytes\n",castld[white],
		289	sizeof(castld[white]));
		290	rb->write(fd, buf, ch_ct);
		291	ch_ct = rb->snprintf(buf,31,"CastldBlk = %d, %d bytes\n",castld[black],
		292	sizeof(castld[black]));
		293	rb->write(fd, buf, ch_ct);
		294	ch_ct = rb->snprintf(buf,31,"KngMovedWht = %d, %d bytes\n",kingmoved[white],
		295	sizeof(kingmoved[white]));
		296	rb->write(fd, buf, ch_ct);
		297	ch_ct = rb->snprintf(buf,31,"KngMovedBlk = %d, %d bytes\n",kingmoved[black],
		298	sizeof(kingmoved[black]));
		299	rb->write(fd, buf, ch_ct);
		300	ch_ct = rb->snprintf(buf,31,"WithBook = %d, %d bytes\n",withbook,
		301	sizeof(withbook));
		302	rb->write(fd, buf, ch_ct);
		303	ch_ct = rb->snprintf(buf,31,"Lvl = %ld, %d bytes\n",Level,
		304	sizeof(Level));
		305	rb->write(fd, buf, ch_ct);
		306	ch_ct = rb->snprintf(buf,31,"TCflag = %d, %d bytes\n",TCflag,
		307	sizeof(TCflag));
		308	rb->write(fd, buf, ch_ct);
		309	ch_ct = rb->snprintf(buf,31,"OpTime = %d, %d bytes\n",OperatorTime,
		310	sizeof(OperatorTime));
		311	rb->write(fd, buf, ch_ct);
		312	ch_ct = rb->snprintf(buf,31,"TmCtlClkWht = %ld, %d bytes\n",
		313	TimeControl.clock[white], sizeof(TimeControl.clock[white]));
		314	rb->write(fd, buf, ch_ct);
		315	ch_ct = rb->snprintf(buf,31,"TmCtlClkBlk = %ld, %d bytes\n",
		316	TimeControl.clock[black], sizeof(TimeControl.clock[black]));
		317	rb->write(fd, buf, ch_ct);
		318	ch_ct = rb->snprintf(buf,31,"TmCtlMovesWht = %d, %d bytes\n",
		319	TimeControl.moves[white], sizeof(TimeControl.moves[white]));
		320	rb->write(fd, buf, ch_ct);
		321	ch_ct = rb->snprintf(buf,31,"TmCtlMovesBlk = %d, %d bytes\n",
		322	TimeControl.moves[black], sizeof(TimeControl.moves[black]));
		323	rb->write(fd, buf, ch_ct);
		324	for (sq = 0; sq < 64; sq++) {
		325	if (color[sq] == neutral) c = 0; else c = color[sq]+1;
		326	temp = 256*board[sq] + c ;
		327	ch_ct = rb->snprintf(buf,31,"sq %02d = %d, %d bytes\n",sq, temp,
		328	sizeof(temp));
		329	rb->write(fd, buf, ch_ct);
		330	}
		331	for (i = 0; i <= GameCnt; i++) {
		332	ch_ct = rb->snprintf(buf,31,"GameCt %d, %d bytes\n",i,
		333	sizeof(GameCnt));
		334	rb->write(fd, buf, ch_ct);
		335	if (GameList[i].color == neutral)
		336	{
		337	c = 0;
		338	ch_ct = rb->snprintf(buf,31,"color = %d, %d bytes\n",c,
		339	sizeof(c));
		340	rb->write(fd, buf, ch_ct);
		341	}
		342	else
		343	c = GameList[i].color + 1;
		344	ch_ct = rb->snprintf(buf,31,"gmove = %d, %d bytes\n",GameList[i].gmove,
		345	sizeof(GameList[i].gmove));
		346	rb->write(fd, buf, ch_ct);
		347	ch_ct = rb->snprintf(buf,31,"score = %d, %d bytes\n",GameList[i].score,
		348	sizeof(GameList[i].score));
		349	rb->write(fd, buf, ch_ct);
		350	ch_ct = rb->snprintf(buf,31,"depth = %d, %d bytes\n",GameList[i].depth,
		351	sizeof(GameList[i].depth));
		352	rb->write(fd, buf, ch_ct);
		353	ch_ct = rb->snprintf(buf,31,"nodes = %ld, %d bytes\n",GameList[i].nodes,
		354	sizeof(GameList[i].nodes));
		355	rb->write(fd, buf, ch_ct);
		356	ch_ct = rb->snprintf(buf,31,"time = %d, %d bytes\n",GameList[i].time,
		357	sizeof(GameList[i].time));
		358	rb->write(fd, buf, ch_ct);
		359	ch_ct = rb->snprintf(buf,31,"piece = %d, %d bytes\n",GameList[i].piece,
		360	sizeof(GameList[i].piece));
		361	rb->write(fd, buf, ch_ct);
		362	ch_ct = rb->snprintf(buf,31,"color = %d, %d bytes\n",c,sizeof(c));
		363	rb->write(fd, buf, ch_ct);
		364	}
		365	rb->close(fd);
		366
		367	}
		368	#endif
		369
268	/* ---- Save current position ---- */	370	/* ---- Save current position ---- */
269	static void cb_saveposition ( void ) {	371	static void cb_saveposition ( void ) {
270	int fd;	372	int fd;
271	short sq,i,c;	373	short sq,i,c;
272	unsigned short temp;	374	unsigned short temp;
273		375	#ifdef CHESSBOX_SAVE_FILE_DBG
		376	cb_saveposition_dbg();
		377	#endif
274	rb->splash ( 0 , "Saving position" );	378	rb->splash ( 0 , "Saving position" );
275		379
276	fd = rb->open(SAVE_FILE, O_WRONLY\|O_CREAT, 0666);	380	fd = rb->open(SAVE_FILE, O_WRONLY\|O_CREAT, 0666);
@@ -356,7 +460,7 @@ static void cb_restoreposition ( void ) {
356	else	460	else
357	--color[sq];	461	--color[sq];
358	}	462	}
359	GameCnt = -1;	463	GameCnt = MAX_GAME_CNT - 1; /uchar rollsover to 0 after 255/
360	while (rb->read(fd, &(GameList[++GameCnt].gmove),	464	while (rb->read(fd, &(GameList[++GameCnt].gmove),
361	sizeof(GameList[GameCnt].gmove)) > 0) {	465	sizeof(GameList[GameCnt].gmove)) > 0) {
362	rb->read(fd, &(GameList[GameCnt].score),	466	rb->read(fd, &(GameList[GameCnt].score),