lifning/SRB2
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Realised the potential for out-of-bounds memory accessing, so put some limits in place to prevent that from happening.

Browse source 
(skin->availability is a UINT8, so it'll never be negative)
This commit is contained in:
toasterbabe 2016-07-14 14:45:15 +01:00
parent caed5718c1
commit 417e9187d9
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/r_things.c
View file

@ -2639,7 +2639,9 @@ void R_AddSkins(UINT16 wadnum)
else if (!stricmp(stoken, "availability"))
{
skin->availability = atoi(value);
if (skin->availability && (skin->availability < MAXUNLOCKABLES))
if (skin->availability >= MAXUNLOCKABLES)
skin->availability = 0;
if (skin->availability)
STRBUFCPY(unlockables[skin->availability - 1].name, skin->realname);
}