Added stack pointer validation for call function/method opcodes.

cleolibrary · Nov 24, 2024 · 66600dc · 66600dc
1 parent de687b2
commit 66600dc
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/cleo_plugins/MemoryOperations/MemoryOperations.cpp b/cleo_plugins/MemoryOperations/MemoryOperations.cpp
@@ -161,8 +161,11 @@ class MemoryOperations
         SCRIPT_VAR* arguments_end = arguments + numArg;
         numPop *= 4; // bytes peer argument
         DWORD result;
+        int oriSp, postSp; // stack validation
         _asm
         {
+            mov oriSp, esp
+
             // transfer args to stack
             lea ecx, arguments
             call_func_loop :
@@ -179,6 +182,21 @@ class MemoryOperations
                 call func
                 mov result, eax // get result
                 add esp, numPop // cleanup stack
+
+            mov postSp, esp
+        }
+
+        // validate stack pointer
+        if (postSp != oriSp)
+        {
+            _asm
+            {
+                mov esp, oriSp // fix stack pointer
+            }
+
+            int diff = oriSp - postSp;
+            SHOW_ERROR("Function call left stack position changed (%s%d) in script %s \nScript suspended.", diff > 0 ? "+" : "", diff, CLEO::ScriptInfoStr(thread).c_str());
+            return thread->Suspend();
         }
 
         if (returnArg)