Browse code
Fixed corruption in ff00-ffff, improved checks for | and $, thanks karolbelina!
Andrew Alderwick authored on 23/10/2021 22:15:07
Showing 1 changed files
| ... | ... |
@@ -12,7 +12,7 @@ WITH REGARD TO THIS SOFTWARE. |
| 12 | 12 |
*/ |
| 13 | 13 |
|
| 14 | 14 |
#define TRIM 0x0100 |
| 15 |
-#define LENGTH 0x10000 - TRIM |
|
| 15 |
+#define LENGTH 0x10000 |
|
| 16 | 16 |
|
| 17 | 17 |
typedef unsigned char Uint8; |
| 18 | 18 |
typedef signed char Sint8; |
| ... | ... |
@@ -366,11 +366,13 @@ pass2(FILE *f) |
| 366 | 366 |
if(skipblock(w, &ccmnt, '(', ')')) continue;
|
| 367 | 367 |
if(skipblock(w, &cmacr, '{', '}')) continue;
|
| 368 | 368 |
if(w[0] == '|') {
|
| 369 |
- if(p.length && shex(w + 1) < p.ptr) |
|
| 369 |
+ if(p.length && (Uint16)shex(w + 1) < p.ptr) |
|
| 370 | 370 |
return error("Pass 2 - Memory overwrite", w);
|
| 371 | 371 |
p.ptr = shex(w + 1); |
| 372 | 372 |
continue; |
| 373 | 373 |
} else if(w[0] == '$') {
|
| 374 |
+ if(p.length && (Uint16)(p.ptr + shex(w + 1)) < p.ptr) |
|
| 375 |
+ return error("Pass 2 - Memory overwrite", w);
|
|
| 374 | 376 |
p.ptr += shex(w + 1); |
| 375 | 377 |
continue; |
| 376 | 378 |
} else if(w[0] == '@') {
|