Hi!
As you might know, Luanti (formerly Minetest) uses a fork of Irrlicht. Some parts haven't changed much, like the .x loader.
I recently ran a search for vulnerabilities on Luanti using an LLM (Claude Fable) out of curiosity and it found a few issues in the .x loader (e.g. memory safety issues that let you write to addresses you shouldn't be able to write to, and a couple more bugs).
I've verified them and written patches for Luanti: https://github.com/luanti-org/luanti/pull/17260.
Feel free to take any of the changes.
Luckily this is probably not of much security relevance to Irrlicht, because except for Luanti I'm not aware of anything using Irrlicht to load potentially untrustworthy .x models.
While writing the patches I also spotted some more UB around float-int type punning which I also fixed. (This is UB in C++, allowed in C. See the commits on the linked PR for details.)
p.s. if anyone has a binary .x model, please let me know.
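An added example, not code from the Luanti PR or from Irrlicht, of the two points above: the float-to-int pun that is UB in C++ next to the memcpy form that is well-defined, plus a bounds-checked float read of the kind a binary model loader needs before trusting lengths taken from the file. The names floatBits, floatFromBits and ByteReader are mine, not Irrlicht's.

```cpp
#include <cstdint>
#include <cstring>

// 'Before': the classic pun. Reading a float's bytes through a uint32_t lvalue
// violates C++'s aliasing rules, so the optimiser may assume &f and the
// uint32_t* never alias. Works on common compilers today; still UB in C++.
static uint32_t floatBitsPunUB(float f)
{
    return *reinterpret_cast<uint32_t*>(&f); // UB in C++ (a union pun is allowed in C)
}

// 'After': memcpy is the sanctioned way to copy an object representation.
// Valid since C++98; optimisers turn it into a single register move.
static uint32_t floatBits(float f)
{
    uint32_t u;
    std::memcpy(&u, &f, sizeof u);
    return u;
}

static float floatFromBits(uint32_t u)
{
    float f;
    std::memcpy(&f, &u, sizeof f);
    return f;
}

// Bounds-checked reader for a little-endian 32-bit float field. A loader that
// trusts counts from the file must check the remaining size before every read;
// returning false instead of reading past 'size' is the missing validation.
struct ByteReader
{
    const unsigned char* data;
    size_t size;
    size_t pos; // invariant: pos <= size

    bool readFloatLE(float& out)
    {
        if (size - pos < 4)
            return false; // truncated field: refuse rather than over-read
        uint32_t u = uint32_t(data[pos])
                   | uint32_t(data[pos + 1]) << 8
                   | uint32_t(data[pos + 2]) << 16
                   | uint32_t(data[pos + 3]) << 24;
        pos += 4;
        out = floatFromBits(u); // decode via the well-defined path
        return true;
    }
};
```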
Missing validation in .x loader, some UB
Re: Missing validation in .x loader, some UB
Bit tricky to merge, the loader seems to have been rewritten before this patch. Maybe I'll figure it out some day.
And yeah, type punning UB despite being used all over the place for stuff like this :-(
I think I'll fix that whenever we go beyond c++98 in Irrlicht (and use STL etc - all stuff we don't do yet in Irrlicht 1.9).
Thanks for informing us.
IRC: #irrlicht on irc.libera.chat
Code snippet repository: https://github.com/mzeilfelder/irr-playground-micha
Free racer made with Irrlicht: http://www.irrgheist.com/hcraftsource.htm
Re: Missing validation in .x loader, some UB
CuteAlien wrote: Tue Jun 16, 2026 10:56 pm
> Bit tricky to merge, the loader seems to have been rewritten before this patch. Maybe I'll figure it out some day.
> And yeah, type punning UB despite being used all over the place for stuff like this :-(
> I think I'll fix that whenever we go beyond c++98 in Irrlicht (and use STL etc - all stuff we don't do yet in Irrlicht 1.9).
> Thanks for informing us.

I don't know if what I'm saying will be helpful, but there are some interesting tools that can improve C++ compilation. I found them while looking for ways to validate my C++ code, similar to how the Rust compiler would do it:
- AddressSanitizer (ASan):
  - use-after-free
  - buffer overflows
  - double free
  - out-of-bounds accesses
- Valgrind:
  - memory leaks
  - invalid memory accesses
  - use of uninitialized memory
- Cppcheck:
  - potential null dereferences
  - memory leaks
  - uninitialized variables
  - common logical errors
- Clang Static Analyzer:
  - use-after-free
  - leaks
  - unreleased resources
  - logic errors
- clang-tidy:
  - code modernization
  - subtle errors
  - bad practices
  - potential bugs

I also came across UBSan (Undefined Behavior Sanitizer) and CRT Debug Heap (Visual Studio).
Irrlicht is love, Irrlicht is life, long live to Irrlicht
Re: Missing validation in .x loader, some UB
Yeah, running most of those once in a while (all except ASan I think, never tried that one). VS also has a static analyser by now. Irrlicht svn trunk had lots of fixes over the last years from all those. Though it's the stuff I do when I have no energy left for real coding, as it's mostly just polishing. Usually doesn't fix anything that causes actual bugs (like nearly never, you can fix hundreds of those warnings and the result will be the exact same ****ing result in the end in reality).
IRC: #irrlicht on irc.libera.chat
Code snippet repository: https://github.com/mzeilfelder/irr-playground-micha
Free racer made with Irrlicht: http://www.irrgheist.com/hcraftsource.htm