From abb1cd02cd90d5c81c6cbf06d1602a7dc2e3402a Mon Sep 17 00:00:00 2001 From: James Turner Date: Fri, 7 Aug 2020 17:48:21 +0100 Subject: [PATCH] SGBuildingBin: avoid read of un-inited memory Where the building line is not as long as expected, ensure we read valid memory. --- simgear/scene/tgdb/SGBuildingBin.cxx | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/simgear/scene/tgdb/SGBuildingBin.cxx b/simgear/scene/tgdb/SGBuildingBin.cxx index 7ce1ad3e..07955f29 100644 --- a/simgear/scene/tgdb/SGBuildingBin.cxx +++ b/simgear/scene/tgdb/SGBuildingBin.cxx @@ -462,9 +462,17 @@ typedef QuadTreeBuilder> x >> y >> z >> r >> b >> w >> d >> h >> p >> s >> o >> f >> wt >> rt; + float x = 0.0f, y = 0.0f, z = 0.0f, r = 0.0f, w = 0.0f, d = 0.0f, h = 0.0f, p = 0.0f; + int b = 0, s = 0, o = 0, f = 0, wt = 0, rt = 0; + in >> x >> y >> z >> r >> b; + + if (in.failbit) { + SG_LOG(SG_TERRAIN, SG_WARN, "Error parsing build entry in: " << absoluteFileName); + continue; + } + + // these might fail, so check them after we look at failbit + in >> w >> d >> h >> p >> s >> o >> f >> wt >> rt; //SG_LOG(SG_TERRAIN, SG_ALERT, "Building entry " << x << " " << y << " " << z << " " << b ); SGVec3f loc = SGVec3f(x,y,z);