From a943307b905395d3b3ac3df3f8682e9464a0d512 Mon Sep 17 00:00:00 2001 From: Sergey Svishchev Date: Fri, 10 Mar 2017 02:49:37 +0300 Subject: [PATCH 1/6] argo, unior, x07: fix CID: 138563-138565 "Overlapping buffer in memory copy" --- src/mame/drivers/argo.cpp | 2 +- src/mame/drivers/unior.cpp | 2 +- src/mame/drivers/x07.cpp | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/mame/drivers/argo.cpp b/src/mame/drivers/argo.cpp index 26658e884d0..97e535fe435 100644 --- a/src/mame/drivers/argo.cpp +++ b/src/mame/drivers/argo.cpp @@ -114,7 +114,7 @@ WRITE8_MEMBER(argo_state::argo_io_w) { uint8_t *RAM = memregion("videoram")->base(); m_scroll_ctrl = 0; - memcpy(RAM, RAM+80, 24*80); + memmove(RAM, RAM+80, 24*80); } break; diff --git a/src/mame/drivers/unior.cpp b/src/mame/drivers/unior.cpp index 00fbd9cdb72..cc32d924c4a 100644 --- a/src/mame/drivers/unior.cpp +++ b/src/mame/drivers/unior.cpp @@ -257,7 +257,7 @@ WRITE8_MEMBER( unior_state::vram_w ) WRITE8_MEMBER( unior_state::scroll_w ) { if (data) - memcpy(m_p_vram, m_p_vram+80, 24*80); + memmove(m_p_vram, m_p_vram+80, 24*80); } I8275_DRAW_CHARACTER_MEMBER(unior_state::display_pixels) diff --git a/src/mame/drivers/x07.cpp b/src/mame/drivers/x07.cpp index c4a2a292132..598390b32af 100644 --- a/src/mame/drivers/x07.cpp +++ b/src/mame/drivers/x07.cpp @@ -1009,7 +1009,7 @@ void x07_state::kb_irq() { m_regs_r[0] = 0; m_regs_r[1] = m_t6834_ram[0x400]; - memcpy(m_t6834_ram + 0x400, m_t6834_ram + 0x401, 0xff); + memmove(m_t6834_ram + 0x400, m_t6834_ram + 0x401, 0xff); m_kb_size--; m_regs_r[2] |= 0x01; m_maincpu->set_input_line(NSC800_RSTA, ASSERT_LINE); From 304be1a1d6d95bff1ac7fd79d48c1f0a05c043cc Mon Sep 17 00:00:00 2001 From: Sergey Svishchev Date: Fri, 10 Mar 2017 03:10:03 +0300 Subject: [PATCH 2/6] pc88va: fix CID: 138607 "Operands don't affect result" --- src/mame/drivers/pc88va.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/mame/drivers/pc88va.cpp b/src/mame/drivers/pc88va.cpp index 50ddb757152..e59c01fc642 100644 --- a/src/mame/drivers/pc88va.cpp +++ b/src/mame/drivers/pc88va.cpp @@ -176,7 +176,7 @@ DECLARE_WRITE8_MEMBER(dma_memw_cb); void draw_sprites(bitmap_rgb32 &bitmap, const rectangle &cliprect); uint32_t calc_kanji_rom_addr(uint8_t jis1,uint8_t jis2,int x,int y); void draw_text(bitmap_rgb32 &bitmap, const rectangle &cliprect); - void tsp_sprite_enable(uint32_t spr_offset, uint8_t sw_bit); + void tsp_sprite_enable(uint32_t spr_offset, uint16_t sw_bit); void execute_sync_cmd(); void execute_dspon_cmd(); void execute_dspdef_cmd(); @@ -759,7 +759,7 @@ WRITE8_MEMBER(pc88va_state::idp_command_w) } } -void pc88va_state::tsp_sprite_enable(uint32_t spr_offset, uint8_t sw_bit) +void pc88va_state::tsp_sprite_enable(uint32_t spr_offset, uint16_t sw_bit) { address_space &space = m_maincpu->space(AS_PROGRAM); From 6b5e155c0dd99fd618760c2457a541a904e1bec3 Mon Sep 17 00:00:00 2001 From: Sergey Svishchev Date: Fri, 10 Mar 2017 02:55:44 +0300 Subject: [PATCH 3/6] peplus: fix CID: 138606 "Logical vs. bitwise operator" --- src/mame/drivers/peplus.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mame/drivers/peplus.cpp b/src/mame/drivers/peplus.cpp index 3dd638353cf..d8c7511772c 100644 --- a/src/mame/drivers/peplus.cpp +++ b/src/mame/drivers/peplus.cpp @@ -795,7 +795,7 @@ READ8_MEMBER(peplus_state::peplus_input0_r) } if (m_bv_pulse == 1) { - return (0x70 || m_in0->read()); // Add Bill Validator Credit Pulse + return (0x70 | m_in0->read()); // Add Bill Validator Credit Pulse } else { return m_in0->read(); } From 58f2def8621f0fb8472f210edf31635314ecc1d4 Mon Sep 17 00:00:00 2001 From: Sergey Svishchev Date: Fri, 10 Mar 2017 18:02:44 +0300 Subject: [PATCH 4/6] formats/cbm_tap: fix CID: 138003 "Dereference before null check" --- src/lib/formats/cbm_tap.cpp | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/lib/formats/cbm_tap.cpp b/src/lib/formats/cbm_tap.cpp index 0b0950eebcc..2699ab51ec0 100644 --- a/src/lib/formats/cbm_tap.cpp +++ b/src/lib/formats/cbm_tap.cpp @@ -173,9 +173,7 @@ static int cbm_tap_do_work( int16_t **buffer, int length, const uint8_t *data ) int i, j = 0; int size = 0; - int version = data[0x0c]; - int system = data[0x0d]; - int video_standard = data[0x0e]; + int version, system, video_standard; int tap_frequency = 0; int byte_samples = 0; @@ -186,6 +184,14 @@ static int cbm_tap_do_work( int16_t **buffer, int length, const uint8_t *data ) in Commodore tapes. Implementation here would follow */ /* int waveamp_high, waveamp_low; */ + /* is the .tap file corrupted? */ + if ((data == nullptr) || (length <= CBM_HEADER_SIZE)) + return -1; + + version = data[0x0c]; + system = data[0x0d]; + video_standard = data[0x0e]; + /* Log .TAP info but only once */ if (!(buffer == nullptr)) { @@ -203,10 +209,6 @@ static int cbm_tap_do_work( int16_t **buffer, int length, const uint8_t *data ) return -1; } - /* is the .tap file corrupted? */ - if ((data == nullptr) || (length <= CBM_HEADER_SIZE)) - return -1; - /* read the frequency from the .tap header */ switch (system) From 5b9e65a179fe3dee68ed75f8837450777011f1cf Mon Sep 17 00:00:00 2001 From: Sergey Svishchev Date: Fri, 10 Mar 2017 02:25:53 +0300 Subject: [PATCH 5/6] machine/hdc92x4: fix CID: 138631 "Operands don't affect result" --- src/devices/machine/hdc92x4.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/devices/machine/hdc92x4.cpp b/src/devices/machine/hdc92x4.cpp index cda79df1137..0b92ed0a4c4 100644 --- a/src/devices/machine/hdc92x4.cpp +++ b/src/devices/machine/hdc92x4.cpp @@ -1746,9 +1746,9 @@ void hdc92x4_device::seek_read_id() } int cont = NEXT; - bool step_enable = (current_command() & 0x04)==1; - bool wait_seek_comp = (current_command() & 0x02)==1; - bool do_verify = (current_command() & 0x01)==1; + bool step_enable = BIT(current_command(), 2); + bool wait_seek_comp = BIT(current_command(), 1); + bool do_verify = BIT(current_command(), 0); m_logical = true; while (cont == NEXT) From d714b46924348b97ec43648a53d2c31ddfcd1c79 Mon Sep 17 00:00:00 2001 From: Sergey Svishchev Date: Fri, 10 Mar 2017 15:52:01 +0300 Subject: [PATCH 6/6] machine/roc10937: fix CID: 138793 "Logically dead code" --- src/devices/machine/roc10937.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/devices/machine/roc10937.cpp b/src/devices/machine/roc10937.cpp index 3be5f16a2a1..2573e9549b0 100644 --- a/src/devices/machine/roc10937.cpp +++ b/src/devices/machine/roc10937.cpp @@ -361,8 +361,8 @@ void roc10957_t::write_char(int data) } } else - { // Display data - data &= 0x3F; + { // Display data. Bit 6 is a "don't care" bit except for PNT and TAIL. + data &= 0x7F; switch ( data ) {