From 93daf905f1cda0c095af8237a3136167f1b01663 Mon Sep 17 00:00:00 2001
From: Daniel Gibson <metalcaedes@gmail.com>
Date: Mon, 18 Apr 2016 19:37:02 +0200
Subject: [PATCH] EntitiesMP/Common/Particles.cpp: Don't access
 afStarsPositions[i][3]

fix out of bounds accesses of that array.
I guess the same will have to be done for Entities/Common/Particles.cpp
---
 Sources/EntitiesMP/Common/Particles.cpp | 67 +++++++++++++------------
 1 file changed, 34 insertions(+), 33 deletions(-)

diff --git a/Sources/EntitiesMP/Common/Particles.cpp b/Sources/EntitiesMP/Common/Particles.cpp
index 8c5c846..605db3c 100755
--- a/Sources/EntitiesMP/Common/Particles.cpp
+++ b/Sources/EntitiesMP/Common/Particles.cpp
@@ -1589,9 +1589,10 @@ INDEX Particles_Regeneration(CEntity *pen, FLOAT tmStart, FLOAT tmStop, FLOAT fY
       vPos2 = Lerp( vSource, vDestination, fT2);
     }
     
-    UBYTE ubR = (UBYTE) (192+afStarsPositions[iRnd][1]*64);
-    UBYTE ubG = (UBYTE) (192+afStarsPositions[iRnd][2]*64);
-    UBYTE ubB = (UBYTE) (192+afStarsPositions[iRnd][3]*64); // FIXME DG: afStarsPositions[i][3] invalid, what's going on here?
+    // DG: changed indices from 1-3 to 0-2 so they're not out of bounds
+    UBYTE ubR = (UBYTE) (192+afStarsPositions[iRnd][0]*64);
+    UBYTE ubG = (UBYTE) (192+afStarsPositions[iRnd][1]*64);
+    UBYTE ubB = (UBYTE) (192+afStarsPositions[iRnd][2]*64);
     UBYTE ubA = (UBYTE) CalculateRatio( fT, 0.0f, 1.0f, 0.4f, 0.01f)*255;
     COLOR colLine = RGBToColor( ubR, ubG, ubB) | ubA;
     
@@ -2242,7 +2243,7 @@ void Particles_DustFall(CEntity *pen, FLOAT tmStarted, FLOAT3D vStretch)
     FLOAT fRndAppearX = afStarsPositions[iRnd][0]*vStretch(1);
     FLOAT fRndSpeedY = (afStarsPositions[iRnd][1]+0.5f)*0.125f*vStretch(2);
     FLOAT fRndAppearZ = afStarsPositions[iRnd][2]*vStretch(3);
-    FLOAT3D vRndDir=FLOAT3D(afStarsPositions[iRnd][1],0,afStarsPositions[iRnd][3]);
+    FLOAT3D vRndDir=FLOAT3D(afStarsPositions[iRnd][0],0,afStarsPositions[iRnd][2]);
     vRndDir.Normalize();
     FLOAT fRiseTime=Max(fRatio-0.5f,0.0f);
     FLOAT3D vPos=vCenter+vRndDir*fSpeed*3*fStretch+vY*fRiseTime*0.25f;
@@ -2374,7 +2375,7 @@ void Particles_LavaErupting(CEntity *pen, FLOAT fStretchAll, FLOAT fSize,
   vPos(2) += (fStretchY+(fStretchY*0.25f*afStarsPositions[iRnd1][1]))*fT-fGA/2.0f*fT*fT; 
   vPos(3) += fRndAppearZ+afStarsPositions[iRnd1][2]*fT*fStretchZ*10;
 
-  Particle_RenderSquare( vPos, fSize+afStarsPositions[iRnd2][3]*fSize*0.5f, fRndRotation*300*fT, C_WHITE|CT_OPAQUE);
+  Particle_RenderSquare( vPos, fSize+afStarsPositions[iRnd2][2]*fSize*0.5f, fRndRotation*300*fT, C_WHITE|CT_OPAQUE);
 
   // all done
   Particle_Flush();
@@ -3091,7 +3092,7 @@ void Particles_Rain(CEntity *pen, FLOAT fGridSize, INDEX ctGrids, FLOAT fFactor,
   for( INDEX iZ=0; iZ<ctGrids; iZ++)
   {
     INDEX iRndZ = (ULONG(vPos(3)+iZ)) % CT_MAX_PARTICLES_TABLE;
-    FLOAT fZOrg = vPos(3) + (iZ+afStarsPositions[iRndZ][3])*fGridSize;
+    FLOAT fZOrg = vPos(3) + (iZ+afStarsPositions[iRndZ][2])*fGridSize;
     for( INDEX iX=0; iX<ctGrids; iX++)
     {
 
@@ -3200,12 +3201,12 @@ void Particles_Snow(CEntity *pen, FLOAT fGridSize, INDEX ctGrids, FLOAT fFactor,
       FLOAT vYStart=vPos(2)+YGRIDS_VISIBLE_ABOVE*YGRID_SIZE+fD;
 
       INDEX iDanceRnd=(iRndXZ+2)%CT_MAX_PARTICLES_TABLE;
-      FLOAT fDanceAngle=afStarsPositions[iDanceRnd][1]*360.0f;
-      FLOAT fAmpX=afStarsPositions[iDanceRnd][2]*2.0f;
-      FLOAT fAmpZ=afStarsPositions[iDanceRnd][3]*2.0f;
-      FLOAT fX = vPos(1) + (iX+afStarsPositions[iRndXZ][3])*fGridSize+fAmpX*sin(fDanceAngle+fNow*3.0f);
-      FLOAT fZ = vPos(3) + (iZ+afStarsPositions[iRndXZ][2])*fGridSize+fAmpZ*cos(fDanceAngle+fNow*3.0f);
-      FLOAT fT0 = afStarsPositions[(INDEX(2+Abs(fX)+Abs(fZ))*262147) % CT_MAX_PARTICLES_TABLE][2];
+      FLOAT fDanceAngle=afStarsPositions[iDanceRnd][0]*360.0f;
+      FLOAT fAmpX=afStarsPositions[iDanceRnd][1]*2.0f;
+      FLOAT fAmpZ=afStarsPositions[iDanceRnd][2]*2.0f;
+      FLOAT fX = vPos(1) + (iX+afStarsPositions[iRndXZ][2])*fGridSize+fAmpX*sin(fDanceAngle+fNow*3.0f);
+      FLOAT fZ = vPos(3) + (iZ+afStarsPositions[iRndXZ][1])*fGridSize+fAmpZ*cos(fDanceAngle+fNow*3.0f);
+      FLOAT fT0 = afStarsPositions[(INDEX(2+Abs(fX)+Abs(fZ))*262147) % CT_MAX_PARTICLES_TABLE][1];
 
       for( INDEX iY=0; iY<(YGRIDS_VISIBLE_ABOVE+YGRIDS_VISIBLE_BELOW); iY++)
       {
@@ -3618,7 +3619,7 @@ void Particles_BulletSpray(INDEX iRndBase, FLOAT3D vSource, FLOAT3D vGDir, enum
       afStarsPositions[ iSpray+iRnd][0]*3.0f* fConeMultiplier,
       (afStarsPositions[ iSpray+iRnd][1]+1.0f)*3.0f,
       afStarsPositions[ iSpray+iRnd][2]*3.0f* fConeMultiplier);
-    FLOAT fSpeedRnd = fSpeedStart+afStarsPositions[ iSpray+iRnd*2][3];
+    FLOAT fSpeedRnd = fSpeedStart+afStarsPositions[ iSpray+iRnd*2][2];
     FLOAT3D vPos = vSource + (vDirection+vRandomAngle)*(fT*fSpeedRnd)+vGDir*(fT*fT*fGA);
 
     if( (eptType == EPT_BULLET_WATER) && (vPos(2) < vSource(2)) )
@@ -3756,7 +3757,7 @@ void Particles_EmptyShells( CEntity *pen, ShellLaunchData *asldData)
         FLOAT fXF = cos( afStarsPositions[iRnd+2][0]*PI);
 
         FLOAT fAmpl = ClampUp( fT+afStarsPositions[iRnd+1][1]+0.5f, 2.0f)/64;
-        FLOAT fFormulae =  fAmpl * sin(afStarsPositions[iRnd][2]+fT*afStarsPositions[iRnd][3]*2);
+        FLOAT fFormulae =  fAmpl * sin(afStarsPositions[iRnd][1]+fT*afStarsPositions[iRnd][2]*2);
 
         FLOAT fColorFactor = 1.0f;
         if( fT>fLife/2)
@@ -4781,11 +4782,11 @@ void Particles_AfterBurner(CEntity *pen, FLOAT tmSpawn, FLOAT fStretch, INDEX iG
     // smoke
     FLOAT3D vPosS = *pvPos1;
     Particle_SetTexturePart( 512, 512, 1, 0);
-    FLOAT fAngleS = afStarsPositions[iRnd][2]*360.0f+fT*120.0f*afStarsPositions[iRnd][3];
+    FLOAT fAngleS = afStarsPositions[iRnd][1]*360.0f+fT*120.0f*afStarsPositions[iRnd][2];
     FLOAT fSizeS = (0.5f+aSmoke_sol[iIndex]*2.5f)*fStretch;
-    FLOAT3D vVelocityS=FLOAT3D(afStarsPositions[iRnd][2], 
-                               afStarsPositions[iRnd][3],
-                               afStarsPositions[iRnd][1])*5.0f;
+    FLOAT3D vVelocityS=FLOAT3D(afStarsPositions[iRnd][1],
+                               afStarsPositions[iRnd][2],
+                               afStarsPositions[iRnd][0])*5.0f;
     vPosS=vPosS+vVelocityS*fT+vGDir*fGA/2.0f*(fT*fT)/32.0f;
     Particle_RenderSquare( vPosS, fSizeS, fAngleS, ByteSwap(pcolSmoke[iIndex]));
 
@@ -4899,7 +4900,7 @@ void Particles_RocketMotorBurning(CEntity *pen, FLOAT tmSpawn, FLOAT3D vStretch,
     INDEX iIndex=(INDEX) (fT*255);
     // smoke
     Particle_SetTexturePart( 512, 512, 1, 0);
-    FLOAT fAngleS = afStarsPositions[iRnd][2]*360.0f+fT*120.0f*afStarsPositions[iRnd][3];
+    FLOAT fAngleS = afStarsPositions[iRnd][1]*360.0f+fT*120.0f*afStarsPositions[iRnd][2];
     FLOAT fSizeS = (3.0f+fT*4.5f)*fStretch;
     Particle_RenderSquare( vPosS, fSizeS, fAngleS, ByteSwap(pcolSmoke[iIndex]));
 
@@ -4933,7 +4934,7 @@ void Particles_RocketMotorBurning(CEntity *pen, FLOAT tmSpawn, FLOAT3D vStretch,
     INDEX iIndex=(INDEX) (fT*255);
     // smoke
     Particle_SetTexturePart( 512, 512, 1, 0);
-    FLOAT fAngleS = afStarsPositions[iRnd][2]*360.0f+fT*120.0f*afStarsPositions[iRnd][3];
+    FLOAT fAngleS = afStarsPositions[iRnd][1]*360.0f+fT*120.0f*afStarsPositions[iRnd][2];
     FLOAT fSizeS = (1.5f+aSmoke_sol[iIndex]*2.5f)*fStretch*fFireStretch;
     Particle_RenderSquare( vPosS, fSizeS, fAngleS, ByteSwap(pcolSmoke[iIndex]));
 
@@ -5303,7 +5304,7 @@ void Particles_CollectEnergy(CEntity *pen, FLOAT tmStart, FLOAT tmStop)
 
     UBYTE ubR = (UBYTE) (255);//+afStarsPositions[iRnd][1]*64;
     UBYTE ubG = (UBYTE) (128+(1.0f-fT)*128);//223+afStarsPositions[iRnd][2]*64;
-    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][3]*32+(1.0f-fT)*64);
+    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][2]*32+(1.0f-fT)*64);
     UBYTE ubA = (UBYTE) (CalculateRatio( fT, 0.0f, 1.0f, 0.4f, 0.01f)*255);
     COLOR colLine = RGBToColor( ubR, ubG, ubB) | ubA;
     
@@ -5339,7 +5340,7 @@ void Particles_CollectEnergy(CEntity *pen, FLOAT tmStart, FLOAT tmStop)
       vZ*Cos(fT*360.0f)*fRadius;
     UBYTE ubR = (UBYTE) (255);
     UBYTE ubG = (UBYTE) (128+(1.0f-fT)*128);
-    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][3]*32+(1.0f-fT)*64);
+    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][2]*32+(1.0f-fT)*64);
     FLOAT fFader=CalculateRatio( fT, 0.0f, 1.0f, 0.4f, 0.01f);
     FLOAT fPulser=(1.0f+(sin((fT*fT)/4.0f)))/2.0f;
     UBYTE ubA = (UBYTE) (fFader*fPulser*255);
@@ -5404,9 +5405,9 @@ void Particles_SummonerDisappear( CEntity *pen, FLOAT tmStart)
   for( INDEX iVtx=0; iVtx<ctVtx; iVtx+=1)
   {
     INDEX iRnd=iVtx%CT_MAX_PARTICLES_TABLE;
-    FLOAT fRndPulseOffset=afStarsPositions[iRnd][1];
-    FLOAT fRndPulseSpeed=afStarsPositions[iRnd][2]*128.0f;
-    FLOAT fRndSize=afStarsPositions[iRnd][3];
+    FLOAT fRndPulseOffset=afStarsPositions[iRnd][0];
+    FLOAT fRndPulseSpeed=afStarsPositions[iRnd][1]*128.0f;
+    FLOAT fRndSize=afStarsPositions[iRnd][2];
 
     FLOAT fPulser=1.0f-(fRatio*(1.0f+(Sin(fRatio*360.0f*fRndPulseSpeed+fRndPulseOffset*360.0f)))/2.0f);
     UBYTE ubColor = UBYTE(CT_OPAQUE*fColorFactor*fPulser);
@@ -5720,7 +5721,7 @@ void Particles_LarvaEnergy(CEntity *pen, FLOAT3D vOffset)
 
     UBYTE ubR = (UBYTE) (255);//+afStarsPositions[iRnd][1]*64;
     UBYTE ubG = (UBYTE) (128+(1.0f-fT)*128);//223+afStarsPositions[iRnd][2]*64;
-    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][3]*32+(1.0f-fT)*64);
+    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][2]*32+(1.0f-fT)*64);
     UBYTE ubA = (UBYTE) (CalculateRatio( fT, 0.0f, 1.0f, 0.4f, 0.01f)*255);
     COLOR colLine = RGBToColor( ubR, ubG, ubB) | ubA;
     
@@ -5756,7 +5757,7 @@ void Particles_LarvaEnergy(CEntity *pen, FLOAT3D vOffset)
       vZ*Cos(fT*360.0f)*fRadius;
     UBYTE ubR = (UBYTE) (255);
     UBYTE ubG = (UBYTE) (128+(1.0f-fT)*128);
-    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][3]*32+(1.0f-fT)*64);
+    UBYTE ubB = (UBYTE) (16+afStarsPositions[iRnd][2]*32+(1.0f-fT)*64);
     FLOAT fFader=CalculateRatio( fT, 0.0f, 1.0f, 0.4f, 0.01f);
     FLOAT fPulser=(1.0f+(sin((fT*fT)/4.0f)))/2.0f;
     UBYTE ubA = (UBYTE) (fFader*fPulser*255);
@@ -5854,7 +5855,7 @@ void Particles_ModelGlow( CEntity *pen, FLOAT tmEnd, enum ParticleTexture ptText
   for( INDEX iVtx=0; iVtx<ctVtx-1; iVtx+=(INDEX)iVtxStep)
   {
     INDEX iRnd=iVtx%CT_MAX_PARTICLES_TABLE;
-    FLOAT fRndSize=afStarsPositions[iRnd][3];
+    FLOAT fRndSize=afStarsPositions[iRnd][2];
 
     FLOAT3D vPos = avVertices[iVtx];
     Particle_RenderSquare( vPos, (1.0f+fRndSize)*fSize, 0, iCol|ubCol);    
@@ -5895,7 +5896,7 @@ void Particles_ModelGlow2( CModelObject *mo, CPlacement3D pl, FLOAT tmEnd, enum
   for( INDEX iVtx=0; iVtx<ctVtx-1; iVtx+=(INDEX)iVtxStep)
   {
     INDEX iRnd=iVtx%CT_MAX_PARTICLES_TABLE;
-    FLOAT fRndSize=afStarsPositions[iRnd][3];
+    FLOAT fRndSize=afStarsPositions[iRnd][2];
 
     FLOAT3D vPos = avVertices[iVtx];
     Particle_RenderSquare( vPos, (1.0f+fRndSize)*fSize, 0, iCol|ubCol);    
@@ -5977,11 +5978,11 @@ void Particles_RunAfterBurner(CEntity *pen, FLOAT tmEnd, FLOAT fStretch, INDEX i
     // smoke
     FLOAT3D vPosS = *pvPos1;
     Particle_SetTexturePart( 512, 512, 1, 0);
-    FLOAT fAngleS = afStarsPositions[iRnd][2]*360.0f+fT*120.0f*afStarsPositions[iRnd][3];
+    FLOAT fAngleS = afStarsPositions[iRnd][1]*360.0f+fT*120.0f*afStarsPositions[iRnd][2];
     FLOAT fSizeS = (0.5f+aSmoke_sol[iIndex]*2.5f)*fStretch;
-    FLOAT3D vVelocityS=FLOAT3D(afStarsPositions[iRnd][2], 
-                               afStarsPositions[iRnd][3],
-                               afStarsPositions[iRnd][1])*5.0f;
+    FLOAT3D vVelocityS=FLOAT3D(afStarsPositions[iRnd][1],
+                               afStarsPositions[iRnd][2],
+                               afStarsPositions[iRnd][0])*5.0f;
     vPosS=vPosS+vVelocityS*fT+vGDir*fGA/2.0f*(fT*fT)/32.0f;
     col = ByteSwap(pcolSmoke[iIndex]);
     col = (col&0xffffff00)|((col&0x000000ff)*ubColMul/255);