From: Nick Bowler <draconx@gmail.com>
Date: Mon, 31 Dec 2007 09:40:18 +0000 (-0500)
Subject: Fixes to image processing.
X-Git-Url: http://git.draconx.ca/gitweb/liblbx.git/commitdiff_plain/a5ebd4f7732ad6846b0dc992c8d43cac636f580d

Fixes to image processing.

The noffsets and nframes values stored in image files appear to be one less
than what they actually are, so increment them on load.  This makes single
frame images work.

If the xval read on a 'type 0' row command is 1000, stop processing the frame.
This makes the 50th frame of mainmenu.lbx.000 work.
---

diff --git a/src/image.c b/src/image.c
index ba642d0..c1ad351 100644
--- a/src/image.c
+++ b/src/image.c
@@ -45,6 +45,15 @@ struct lbx_image *lbximg_fopen(FILE *f)
 	tmp.frames = letohs(tmp.frames); tmp.foff += sizeof tmp.frames;
 	tmp.wtf2   = letohs(tmp.wtf2);   tmp.foff += sizeof tmp.wtf2;
 
+	/* For some reason, the format seems to need this. */
+	tmp.offs++;
+	tmp.frames++;
+
+	if (tmp.offs <= tmp.frames) {
+		lbx_errno = LBX_EFORMAT;
+		return NULL;
+	}
+
 	/*
 	 * DEBUG ONLY.  These assertions exist to catch otherwise valid image
 	 * files which differ from what I believe to be true of all LBX images.
@@ -100,14 +109,14 @@ static int _lbx_drawrow(int first, struct lbx_image *img)
 	if (type == 0) {
 		if (fread(&yval,  sizeof yval,  1, img->f) != 1) goto readerr;
 		yval = letohs(yval); img->foff += sizeof yval;
-
 		if (yval == 1000)
 			return 1;
-
 		if (fread(&count, sizeof count, 1, img->f) != 1) goto readerr;
 		count = letohs(count); img->foff += sizeof count;
 		if (fread(&xval,  sizeof xval,  1, img->f) != 1) goto readerr;
 		xval = letohs(xval); img->foff += sizeof xval;
+		if (xval == 1000)
+			return 1;
 
 		/* Ensure that the row fits in the image. */
 		if (img->height - img->currenty <= yval || xval >= img->width) {
@@ -211,7 +220,7 @@ unsigned char **lbximg_getframe(struct lbx_image *img, int frame)
 				return NULL;
 			first = 0;
 
-			if (img->foff > img->offsets[frame+1]) {
+			if (!rc && img->foff > img->offsets[frame+1]) {
 				lbx_errno = LBX_EFORMAT;
 				return NULL;
 			}
@@ -272,6 +281,10 @@ lbximg_getpalette(struct lbx_image *img, struct lbx_colour palette[static 256])
 
 		if (entry[0] == 0) {
 			index++;
+			if (index >= 256) {
+				lbx_errno = LBX_EFORMAT;
+				return -1;
+			}
 		} else {
 			index = entry[0];
 		}