*ash class: slightly better error handling & memory management. should help fix/avoid some issues with buffer overflowing using the hardcoded buffer size from crediar's original code

giantpune 2011-01-29 08:44:22 +00:00
parent 506aa591e5
commit c96add47e3
3 changed files with 873 additions and 851 deletions


@ -1,4 +1,8 @@
#include "ash.h" #include "ash.h"
//this is large enough for all the system menu ash0 files, and thats all i need it for
#define BUFFER_SIZE 0x600000
bool IsAshCompressed( const QByteArray ba ) bool IsAshCompressed( const QByteArray ba )
{ {
return ba.startsWith( "ASH" ); return ba.startsWith( "ASH" );
@ -6,6 +10,7 @@ bool IsAshCompressed( const QByteArray ba )
QByteArray DecryptAsh( const QByteArray ba ) QByteArray DecryptAsh( const QByteArray ba )
{ {
//qDebug() << "DecryptAsh()";
if( !IsAshCompressed( ba ) ) if( !IsAshCompressed( ba ) )
{ {
qWarning() << "DecryptAsh -> wrong magic"; qWarning() << "DecryptAsh -> wrong magic";
@ -16,7 +21,7 @@ QByteArray DecryptAsh( const QByteArray ba )
quint32 t; quint32 t;
quint64 memAddr = (quint64)( ba.data() );//in quint64 memAddr = (quint64)( ba.data() );//in
r[4] = 0x80000000; r[4] = 0x8000000;
qint64 inDiff = memAddr - r[ 4 ];//difference in r[ 4 ] and the real address. hack to support higher memory addresses than crediar's version qint64 inDiff = memAddr - r[ 4 ];//difference in r[ 4 ] and the real address. hack to support higher memory addresses than crediar's version
r[5] = 0x415348; r[5] = 0x415348;
@ -29,14 +34,25 @@ QByteArray DecryptAsh( const QByteArray ba )
quint32 size = r[5]; quint32 size = r[5];
//qDebug() << "Decompressed size:" << hex << size; //qDebug() << "Decompressed size:" << hex << size;
if( size > BUFFER_SIZE )
{
qWarning() << "DecryptAsh(): this file was built with a buffer to small to deal with this archive. Build it with a bigger one and try again."
<< hex << size << ">" << BUFFER_SIZE;
return QByteArray();
}
char crap2[ size ]; QByteArray crap2( size, '\0' );
quint64 memAddr2 = (quint64)( crap2 );//outbuf if( (quint32)crap2.size() != size )
r[3] = 0x90000000; {
qWarning() << "DecryptAsh(): out of memory 1";
return QByteArray();
}
//char crap2[ size ];
quint64 memAddr2 = (quint64)( crap2.data() );//outbuf
r[3] = 0x9000000;
qint64 outDiff = memAddr2 - r[ 3 ];//difference in r[ 3 ] and the real address qint64 outDiff = memAddr2 - r[ 3 ];//difference in r[ 3 ] and the real address
quint32 o = r[ 3 ]; quint32 o = r[ 3 ];
memset( (void*)( r[ 3 ] + outDiff ), 0, size );
r[24] = 0x10; r[24] = 0x10;
r[28] = qFromBigEndian(*(quint32 *)(r[4]+8 + inDiff)); r[28] = qFromBigEndian(*(quint32 *)(r[4]+8 + inDiff));
@ -48,12 +64,18 @@ QByteArray DecryptAsh( const QByteArray ba )
//r[8] = 0x8108<<16; //r[8] = 0x8108<<16;
//HACK, pointer to RAM //HACK, pointer to RAM
char crap3[ 0x100000 ]; QByteArray crap3( BUFFER_SIZE, '\0' );
quint64 memAddr3 = (quint64)( crap3 );//outbuf if( crap3.size() != BUFFER_SIZE )
{
qWarning() << "DecryptAsh(): out of memory 1";
return QByteArray();
}
//char crap3[ 0x100000 ];
quint64 memAddr3 = (quint64)( crap3.data() );//outbuf
r[8] = 0x84000000; r[8] = 0x84000000;
qint64 outDiff2 = memAddr3 - r[ 8 ];//difference in r[ 3 ] and the real address qint64 outDiff2 = memAddr3 - r[ 8 ];//difference in r[ 3 ] and the real address
memset( (void*)( r[8] + outDiff2 ), 0, 0x100000 ); memset( (void*)( r[8] + outDiff2 ), 0, 0x100000 );
r[8] = r[8]; r[8] = r[8];
r[9] = r[8] + 0x07FE; r[9] = r[8] + 0x07FE;
r[10] = r[9] + 0x07FE; r[10] = r[9] + 0x07FE;