Check array size for overflow.

Since ZScript is a 32 bit VM, the largest safe value for an array's physical size is 2GB. Any larger value will be destroyed by the compiler which relies on signed 32 bit values too much.
ZDoom · Oct 25, 2024 · a14bba3 · a14bba3
1 parent ee6991e
commit a14bba3
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/src/common/scripting/frontend/zcc_compile.cpp b/src/common/scripting/frontend/zcc_compile.cpp
@@ -2286,6 +2286,11 @@ PType *ZCCCompiler::ResolveArraySize(PType *baseType, ZCC_Expression *arraysize,
 			Error(arraysize, "Array size must be positive");
 			return TypeError;
 		}
+		if (uint64_t(size) * baseType->Size > 0x7fffffff)
+		{
+			Error(arraysize, "Array size overflow. Total size must be less than 2GB");
+			return TypeError;
+		}
 		baseType = NewArray(baseType, size);
 	}