From 3c2d25d49ed8016d898b47c0dec94f5d8379005f Mon Sep 17 00:00:00 2001
From: Hanicef <gustaf@hanicef.me>
Date: Fri, 21 Mar 2025 19:52:40 +0100
Subject: [PATCH] Fix buffer overflow when calculating texture offset in
 Software

---
 src/lua_maplib.c  | 2 +-
 src/lua_mathlib.c | 4 ++--
 src/r_segs.c      | 2 +-
 src/tables.h      | 1 +
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/lua_maplib.c b/src/lua_maplib.c
index c946b10ce..2740c957f 100644
--- a/src/lua_maplib.c
+++ b/src/lua_maplib.c
@@ -2695,7 +2695,7 @@ static int slope_set(lua_State *L)
 		if (zangle == ANGLE_90 || zangle == ANGLE_270)
 			return luaL_error(L, "invalid zangle for slope!");
 		slope->zangle = zangle;
-		slope->zdelta = -FINETANGENT(((slope->zangle+ANGLE_90)>>ANGLETOFINESHIFT) & 4095);
+		slope->zdelta = -FINETANGENT(((slope->zangle+ANGLE_90)>>ANGLETOFINESHIFT) & TANMASK);
 		slope->dzdelta = FixedToDouble(slope->zdelta);
 		P_CalculateSlopeNormal(slope);
 		break;
diff --git a/src/lua_mathlib.c b/src/lua_mathlib.c
index 1bc6019de..4dcee68c8 100644
--- a/src/lua_mathlib.c
+++ b/src/lua_mathlib.c
@@ -83,8 +83,8 @@ static int lib_finecosine(lua_State *L)
 static int lib_finetangent(lua_State *L)
 {
 	// HACK: add ANGLE_90 to make tan() in Lua start at 0 like it should
-	// use & 4095 instead of & FINEMASK (8191), so it doesn't go out of the array's bounds
-	lua_pushfixed(L, FINETANGENT(((luaL_checkangle(L, 1)+ANGLE_90)>>ANGLETOFINESHIFT) & 4095));
+	// use & TANMASK (4095) instead of & FINEMASK (8191), so it doesn't go out of the array's bounds
+	lua_pushfixed(L, FINETANGENT(((luaL_checkangle(L, 1)+ANGLE_90)>>ANGLETOFINESHIFT) & TANMASK));
 	return 1;
 }
 
diff --git a/src/r_segs.c b/src/r_segs.c
index 510744ebc..bee349492 100644
--- a/src/r_segs.c
+++ b/src/r_segs.c
@@ -1463,7 +1463,7 @@ static void R_RenderSegLoop (void)
 		//SoM: Calculate offsets for Thick fake floors.
 		// calculate texture offset
 		angle = (rw_centerangle + xtoviewangle[rw_x])>>ANGLETOFINESHIFT;
-		textureoffset = rw_offset - FixedMul(FINETANGENT(angle), rw_distance);
+		textureoffset = rw_offset - FixedMul(FINETANGENT(angle & TANMASK), rw_distance);
 		texturecolumn = FixedDiv(textureoffset, rw_invmidtexturescalex);
 
 		// texturecolumn and lighting are independent of wall tiers
diff --git a/src/tables.h b/src/tables.h
index 3c0dd2a81..43817e25d 100644
--- a/src/tables.h
+++ b/src/tables.h
@@ -22,6 +22,7 @@
 
 #define FINEANGLES 8192
 #define FINEMASK (FINEANGLES - 1)
+#define TANMASK 4095
 #define ANGLETOFINESHIFT 19 // 0x100000000 to 0x2000
 #define FINEANGLE_C(x) ((FixedAngle((x)*FRACUNIT)>>ANGLETOFINESHIFT) & FINEMASK) // ((x*(ANGLE_45/45))>>ANGLETOFINESHIFT) & FINEMASK
 
-- 
GitLab