blob: 94214d8ad13bd9c47e14128c189aa8ecfb024aea (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
From 7d884d24adff82c020c2663c9142b38ee189ddef Mon Sep 17 00:00:00 2001
From: Simon Howard <fraggle@soulsphere.org>
Date: Sat, 11 Jul 2015 03:38:49 -0400
Subject: [PATCH 05/13] doom: Avoid overflow for spawn angle calculation.
Integer overflow is undefined and this breaks when using Clang with
-O2 optimization turned on. This fixes #572 (thanks to David Majnemer
for insight into fixing this bug).
---
src/doom/g_game.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/src/doom/g_game.c b/src/doom/g_game.c
index bc582a5..3001e03 100644
--- a/src/doom/g_game.c
+++ b/src/doom/g_game.c
@@ -1168,26 +1168,26 @@ G_CheckSpot
fixed_t xa, ya;
signed int an;
- an = (ANG45 * ((signed int) mthing->angle / 45));
- // Right-shifting a negative signed integer is implementation-defined,
- // so divide instead.
- an /= 1 << ANGLETOFINESHIFT;
+ // This calculation overflows in Vanilla Doom, but here we deliberately
+ // avoid integer overflow as it is undefined behavior, so the value of
+ // 'an' will always be positive.
+ an = (ANG45 >> ANGLETOFINESHIFT) * ((signed int) mthing->angle / 45);
switch (an)
{
- case -4096:
+ case 4096: // -4096:
xa = finetangent[2048]; // finecosine[-4096]
ya = finetangent[0]; // finesine[-4096]
break;
- case -3072:
+ case 5120: // -3072:
xa = finetangent[3072]; // finecosine[-3072]
ya = finetangent[1024]; // finesine[-3072]
break;
- case -2048:
+ case 6144: // -2048:
xa = finesine[0]; // finecosine[-2048]
ya = finetangent[2048]; // finesine[-2048]
break;
- case -1024:
+ case 7168: // -1024:
xa = finesine[1024]; // finecosine[-1024]
ya = finetangent[3072]; // finesine[-1024]
break;
@@ -1195,7 +1195,6 @@ G_CheckSpot
case 1024:
case 2048:
case 3072:
- case 4096:
xa = finecosine[an];
ya = finesine[an];
break;
--
2.5.0
|