From deafddcb7521cdebf7850b0f3a86f1993fcdbc28 Mon Sep 17 00:00:00 2001
From: /dev/humancontroller <devhc@example.com>
Date: Sat, 15 Apr 2017 00:08:05 +0200
Subject: add boundary checks in BG_ParseCSVBuildableList()

for protection against malicious map files
---
 src/game/bg_misc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/game/bg_misc.c b/src/game/bg_misc.c
index 0ebcc55..b7f23f3 100644
--- a/src/game/bg_misc.c
+++ b/src/game/bg_misc.c
@@ -5437,6 +5437,9 @@ void BG_ParseCSVBuildableList( const char *string, buildable_t *buildables, int
 
   while( *p != '\0' )
   {
+    if( i == buildablesSize - 1 )
+      break;
+
     //skip to first , or EOS
     while( *p != ',' && *p != '\0' )
       p++;
-- 
cgit