diff --git a/src/chipset/scat.c b/src/chipset/scat.c index 79f18d396..24b701c75 100644 --- a/src/chipset/scat.c +++ b/src/chipset/scat.c @@ -1364,13 +1364,24 @@ static void mem_write_scatw(uint32_t addr, uint16_t val, void *priv) { ems_page_t *page = (ems_page_t *)priv; - scat_t *dev = (scat_t *)page->scat; + scat_t *dev; uint32_t oldaddr = addr, chkaddr; - addr = get_addr(dev, addr, page); - chkaddr = page ? addr : oldaddr; + if (page == NULL) + dev = NULL; + else + dev = (scat_t *)page->scat; + + if (dev == NULL) + chkaddr = oldaddr; + else { + addr = get_addr(dev, addr, page); + chkaddr = addr; + } + if (chkaddr >= 0xc0000 && chkaddr < 0x100000) { - if (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15))) return; + if (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15))) + return; } if (addr < ((uint32_t)mem_size << 10)) @@ -1382,14 +1393,26 @@ static void mem_write_scatl(uint32_t addr, uint32_t val, void *priv) { ems_page_t *page = (ems_page_t *)priv; - scat_t *dev = (scat_t *)page->scat; + scat_t *dev; uint32_t oldaddr = addr, chkaddr; - addr = get_addr(dev, addr, page); - chkaddr = page ? addr : oldaddr; - if (chkaddr >= 0xc0000 && chkaddr < 0x100000) { - if (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15))) return; + if (page == NULL) + dev = NULL; + else + dev = (scat_t *)page->scat; + + if (dev == NULL) + chkaddr = oldaddr; + else { + addr = get_addr(dev, addr, page); + chkaddr = addr; } + + if (chkaddr >= 0xc0000 && chkaddr < 0x100000) { + if (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15))) + return; + } + if (addr < ((uint32_t)mem_size << 10)) *(uint32_t *)&ram[addr] = val; } diff --git a/src/config.c b/src/config.c index 2a333f952..98b0774ef 100644 --- a/src/config.c +++ b/src/config.c @@ -667,7 +667,10 @@ load_sound(void) memset(temp, '\0', sizeof(temp)); p = config_get_string(cat, "sound_type", "float"); - strcpy(temp, p); + if (strlen(p) <= 511) + strcpy(temp, p); + else + strncpy(temp, p, 511); if (!strcmp(temp, "float") || !strcmp(temp, "1")) sound_is_float = 1; else @@ -2109,7 +2112,7 @@ config_set_int(char *head, char *name, int val) ent = create_entry(section, name); sprintf(ent->data, "%i", val); - mbstowcs(ent->wdata, ent->data, sizeof_w(ent->wdata)); + mbstowcs(ent->wdata, ent->data, 512); } diff --git a/src/cpu/808x.c b/src/cpu/808x.c index bf028eeaa..fb077d046 100644 --- a/src/cpu/808x.c +++ b/src/cpu/808x.c @@ -1215,7 +1215,7 @@ jcc(uint8_t opcode, int cond) wait(1, 0); cpu_data = pfq_fetchb(); wait(1, 0); - if ((!cond) == (opcode & 0x01)) + if ((!cond) == !!(opcode & 0x01)) jump_short(); } diff --git a/src/cpu_new/808x.c b/src/cpu_new/808x.c index 266c48c63..060f3f1a3 100644 --- a/src/cpu_new/808x.c +++ b/src/cpu_new/808x.c @@ -1208,7 +1208,7 @@ jcc(uint8_t opcode, int cond) wait(1, 0); cpu_data = pfq_fetchb(); wait(1, 0); - if ((!cond) == (opcode & 0x01)) + if ((!cond) == !!(opcode & 0x01)) jump_short(); } diff --git a/src/disk/zip.c b/src/disk/zip.c index 9185aafae..d265fbc8b 100644 --- a/src/disk/zip.c +++ b/src/disk/zip.c @@ -2130,8 +2130,10 @@ zip_phase_data_out(scsi_common_t *sc) dev->buffer[6] = (s >> 8) & 0xff; dev->buffer[7] = s & 0xff; } - fseek(dev->drv->f, dev->drv->base + (i << 9), SEEK_SET); - fwrite(dev->buffer, 1, 512, dev->drv->f); + if (fseek(dev->drv->f, dev->drv->base + (i << 9), SEEK_SET) == -1) + fatal("zip_phase_data_out(): Error seeking\n"); + if (fwrite(dev->buffer, 1, 512, dev->drv->f) != 512) + fatal("zip_phase_data_out(): Error writing data\n"); } break; case GPCMD_MODE_SELECT_6: diff --git a/src/floppy/fdd_86f.c b/src/floppy/fdd_86f.c index 02341193a..860c424c2 100644 --- a/src/floppy/fdd_86f.c +++ b/src/floppy/fdd_86f.c @@ -3175,10 +3175,10 @@ d86f_writeback(int drive) fatal("86F write_back(): Error reading header size\n"); if (fseek(dev->f, 8, SEEK_SET) == -1) - fatal("86F write_back(): Error seeking\n"); + fatal("86F write_back(): Error seeking\n"); size = d86f_get_track_table_size(drive); if (fwrite(dev->track_offset, 1, size, dev->f) != size) - fatal("86F write_back(): Error writing data\n"); + fatal("86F write_back(): Error writing data\n"); d86f_write_tracks(drive, &dev->f, NULL); diff --git a/src/floppy/fdd_fdi.c b/src/floppy/fdd_fdi.c index fdb5af532..f9e42ed6b 100644 --- a/src/floppy/fdd_fdi.c +++ b/src/floppy/fdd_fdi.c @@ -329,14 +329,14 @@ fdi_load(int drive, wchar_t *fn) /* Allocate a drive block. */ dev = (fdi_t *)malloc(sizeof(fdi_t)); - memset(dev, 0x00, sizeof(fdi_t)); if (dev == NULL) { - free(dev); memset(floppyfns[drive], 0, sizeof(floppyfns[drive])); return; } + memset(dev, 0x00, sizeof(fdi_t)); + d86f_unregister(drive); dev->f = plat_fopen(fn, L"rb"); diff --git a/src/floppy/fdd_imd.c b/src/floppy/fdd_imd.c index 1ff63ac6d..a9c9c21fa 100644 --- a/src/floppy/fdd_imd.c +++ b/src/floppy/fdd_imd.c @@ -190,8 +190,8 @@ track_is_xdf(int drive, int side, int track) dev->current_side_flags[side] = (dev->tracks[track][side].params[3] == 19) ? 0x08 : 0x28; return((dev->tracks[track][side].params[3] == 19) ? 2 : 1); } - return(0); } + return(0); } else { if (dev->tracks[track][side].params[4] != 0xFF) return(0); diff --git a/src/floppy/fdd_img.c b/src/floppy/fdd_img.c index 6d0c626dc..e1417254a 100644 --- a/src/floppy/fdd_img.c +++ b/src/floppy/fdd_img.c @@ -490,8 +490,10 @@ img_seek(int drive, int track) is_t0 = (track == 0) ? 1 : 0; - if (! dev->disk_at_once) - fseek(dev->f, dev->base + (track * dev->sectors * ssize * dev->sides), SEEK_SET); + if (! dev->disk_at_once) { + if (fseek(dev->f, dev->base + (track * dev->sectors * ssize * dev->sides), SEEK_SET) == -1) + fatal("img_seek(): Error seeking\n"); + } for (side = 0; side < dev->sides; side++) { if (dev->disk_at_once) { diff --git a/src/floppy/fdd_td0.c b/src/floppy/fdd_td0.c index dd2499bee..a230a7ae8 100644 --- a/src/floppy/fdd_td0.c +++ b/src/floppy/fdd_td0.c @@ -656,8 +656,10 @@ td0_initialize(int drive) state_Decode(&disk_decode, dev->imagebuf, TD0_MAX_BUFSZ); } else { td0_log("TD0: File is uncompressed\n"); - fseek(dev->f, 12, SEEK_SET); - fread(dev->imagebuf, 1, file_size - 12, dev->f); + if (fseek(dev->f, 12, SEEK_SET) == -1) + fatal("td0_initialize(): Error seeking to offet 12\n"); + if (fread(dev->imagebuf, 1, file_size - 12, dev->f) != (file_size - 12)) + fatal("td0_initialize(): Error reading image buffer\n"); } if (header[7] & 0x80) diff --git a/src/network/net_pcap.c b/src/network/net_pcap.c index 5acc9c170..771b55e8e 100644 --- a/src/network/net_pcap.c +++ b/src/network/net_pcap.c @@ -260,10 +260,16 @@ net_pcap_prepare(netdev_t *list) } for (dev=devlist; dev!=NULL; dev=dev->next) { - strcpy(list->device, dev->name); - if (dev->description) - strcpy(list->description, dev->description); - else + if (strlen(dev->name) <= 127) + strcpy(list->device, dev->name); + else + strncpy(list->device, dev->name, 127); + if (dev->description) { + if (strlen(dev->description) <= 127) + strcpy(list->description, dev->description); + else + strncpy(list->description, dev->description, 127); + } else memset(list->description, '\0', sizeof(list->description)); list++; i++; } diff --git a/src/scsi/scsi_buslogic.c b/src/scsi/scsi_buslogic.c index 182cd2282..28ecdb612 100644 --- a/src/scsi/scsi_buslogic.c +++ b/src/scsi/scsi_buslogic.c @@ -625,10 +625,6 @@ BuslogicSCSIBIOSRequestSetup(x54x_t *dev, uint8_t *CmdBuf, uint8_t *DataInBuf, u buslogic_log("Transfer Control %02X\n", ESCSICmd->DataDirection); buslogic_log("CDB Length %i\n", ESCSICmd->CDBLength); - if (ESCSICmd->DataDirection > 0x03) { - buslogic_log("Invalid control byte: %02X\n", - ESCSICmd->DataDirection); - } } target_cdb_len = 12; diff --git a/src/scsi/scsi_x54x.c b/src/scsi/scsi_x54x.c index e395923c6..8c8a5985d 100644 --- a/src/scsi/scsi_x54x.c +++ b/src/scsi/scsi_x54x.c @@ -415,7 +415,7 @@ x54x_bios_command(x54x_t *x54x, uint8_t max_id, BIOSCMD *cmd, int8_t islba) x54x_log("BIOS Command = 0x%02X\n", cmd->command); - if ((cmd->id > max_id) || (cmd->lun > 7)) { + if (cmd->id > max_id) { x54x_log("BIOS Target ID %i or LUN %i are above maximum\n", cmd->id, cmd->lun); ret = 0x80; diff --git a/src/sound/snd_adlibgold.c b/src/sound/snd_adlibgold.c index 828ea518d..d4a29412d 100644 --- a/src/sound/snd_adlibgold.c +++ b/src/sound/snd_adlibgold.c @@ -776,7 +776,8 @@ void *adgold_init(const device_t *info) f = nvr_fopen(L"adgold.bin", L"rb"); if (f) { - fread(adgold->adgold_eeprom, 0x1a, 1, f); + if (fread(adgold->adgold_eeprom, 1, 0x1a, f) != 0x1a) + fatal("adgold_init(): Error reading data\n"); fclose(f); } diff --git a/src/video/vid_ati_mach64.c b/src/video/vid_ati_mach64.c index c6c422a9d..a27621dde 100644 --- a/src/video/vid_ati_mach64.c +++ b/src/video/vid_ati_mach64.c @@ -789,6 +789,7 @@ static void mach64_accel_write_fifo(mach64_t *mach64, uint32_t addr, uint8_t val break; case 0x2a4: case 0x2a5: addr += 2; + /*FALLTHROUGH*/ case 0x2aa: case 0x2ab: WRITE8(addr, mach64->sc_left_right, val); break; diff --git a/src/video/vid_et4000w32.c b/src/video/vid_et4000w32.c index 167a3ad05..c941d85fd 100644 --- a/src/video/vid_et4000w32.c +++ b/src/video/vid_et4000w32.c @@ -1247,7 +1247,7 @@ void et4000w32p_pci_write(int func, int addr, uint8_t val, void *p) case 0x13: et4000->linearbase &= 0x00c00000; - et4000->linearbase = (et4000->pci_regs[0x13] << 24); + et4000->linearbase |= (et4000->pci_regs[0x13] << 24); svga->crtc[0x30] &= 3; svga->crtc[0x30] |= ((et4000->linearbase & 0x3f000000) >> 22); et4000w32p_recalcmapping(et4000); diff --git a/src/video/vid_pgc.c b/src/video/vid_pgc.c index 98fd7b87b..0dbaa9595 100644 --- a/src/video/vid_pgc.c +++ b/src/video/vid_pgc.c @@ -1680,7 +1680,6 @@ pgc_wake(pgc_t *dev) void pgc_sleep(pgc_t *dev) { - uint8_t *n = NULL; pgc_log("PGC: sleeping on %i %i %i %i 0x%02x 0x%02x\n", dev->stopped, dev->waiting_input_fifo, dev->waiting_output_fifo, @@ -1690,7 +1689,6 @@ pgc_sleep(pgc_t *dev) if (dev->stopped) { dev->waiting_input_fifo = 0; dev->waiting_output_fifo = 0; - *n = 0; return; } diff --git a/src/video/video.c b/src/video/video.c index 1cbdfdac4..e7504f4b5 100644 --- a/src/video/video.c +++ b/src/video/video.c @@ -920,14 +920,14 @@ loadfont(wchar_t *s, int format) case 0: /* MDA */ for (c=0; c<256; c++) for (d=0; d<8; d++) - fontdatm[c][d] = fgetc(f); + fontdatm[c][d] = fgetc(f) & 0xff; for (c=0; c<256; c++) for (d=0; d<8; d++) - fontdatm[c][d+8] = fgetc(f); + fontdatm[c][d+8] = fgetc(f) & 0xff; (void)fseek(f, 4096+2048, SEEK_SET); for (c=0; c<256; c++) for (d=0; d<8; d++) - fontdat[c][d] = fgetc(f); + fontdat[c][d] = fgetc(f) & 0xff; break; case 1: /* PC200 */ @@ -950,19 +950,19 @@ loadfont(wchar_t *s, int format) case 2: /* CGA */ for (c=0; c<256; c++) for (d=0; d<8; d++) - fontdat[c][d] = fgetc(f); + fontdat[c][d] = fgetc(f) & 0xff; break; case 3: /* Wyse 700 */ for (c=0; c<512; c++) for (d=0; d<32; d++) - fontdatw[c][d] = fgetc(f); + fontdatw[c][d] = fgetc(f) & 0xff; break; case 4: /* MDSI Genius */ for (c=0; c<256; c++) for (d=0; d<16; d++) - fontdat8x12[c][d] = fgetc(f); + fontdat8x12[c][d] = fgetc(f) & 0xff; break; case 5: /* Toshiba 3100e */ @@ -1006,7 +1006,7 @@ loadfont(wchar_t *s, int format) for (c = 0; c < 16384; c++) { for (d = 0; d < 32; d++) - fontdatksc5601[c].chr[d]=getc(f); + fontdatksc5601[c].chr[d]=fgetc(f) & 0xff; } break; @@ -1026,7 +1026,7 @@ loadfont(wchar_t *s, int format) case 8: /* Amstrad PC1512, Toshiba T1000/T1200 */ for (c = 0; c < 2048; c++) /* Allow up to 2048 chars */ for (d=0; d<8; d++) - fontdat[c][d] = fgetc(f); + fontdat[c][d] = fgetc(f) & 0xff; break; case 9: /* Image Manager 1024 native font */ diff --git a/src/win/win_ui.c b/src/win/win_ui.c index f15dd1069..a189fa87b 100644 --- a/src/win/win_ui.c +++ b/src/win/win_ui.c @@ -1077,9 +1077,12 @@ wchar_t * ui_window_title(wchar_t *s) { if (! video_fullscreen) { - if (s != NULL) - wcscpy(wTitle, s); - else + if (s != NULL) { + if (wcslen(s) <= 512) + wcscpy(wTitle, s); + else + wcsncpy(wTitle, s, 512); + } else s = wTitle; SetWindowText(hwndMain, s); @@ -1097,7 +1100,7 @@ void plat_pause(int p) { static wchar_t oldtitle[512]; - wchar_t title[512]; + wchar_t title[512], *t; /* If un-pausing, as the renderer if that's OK. */ if (p == 0) @@ -1113,7 +1116,11 @@ plat_pause(int p) } if (p) { - wcscpy(oldtitle, ui_window_title(NULL)); + t = ui_window_title(NULL); + if (wcslen(t) <= 511) + wcscpy(oldtitle, ui_window_title(NULL)); + else + wcsncpy(oldtitle, ui_window_title(NULL), 511); wcscpy(title, oldtitle); wcscat(title, L" - PAUSED -"); ui_window_title(title);